Active Directory and Network security management

Tags:
Active Directory
Active Directory Backup and Restore
Backup
Network security
Network Security Management
Security
Windows
What is the best way for me to ensure Active Directory is being backed up? Another question is some people have dos programs that require modify access on c: I would like to know if there is a better way to assign that permission. Some people need local admin rights to run their programs. Obviously I want to give the least amount of rights possible to allow them to do their job. What is the difference between giving them local admin rights and modify on c: rights?

Answer Wiki

Thanks. We'll let you know when a new response is added.

Try using a Virtual machine for the OS/application that needs this level of access. Another mechanism could be Citrix or Terminal server. You can look at some of these resources also for suggestions:

<a href=”http://www.threatcode.com/”>non-UAC or LUA application hall of shame</a>
<a href=”http://blogs.msdn.com/aaron_margosis/default.aspx”>LUA – NonAdmin blog by Microsoft MVP</a>

There are utilities/software out there that can temporarily elevate authority while the application is running. We use a VB shell around a couple of applications to elevate authority and it seems to work well.

==========================================================
the best way to verify that the Active Directory is being backed up is to examine your backup logs, and ensure that the system state has been included. I would also recommend testing your backups periodically to make sure that the Active Directory can be restored. You can install Windows Server onto a cheap PC can use that PC as a way of testing your backups so long as it is not connected to the network.

As for the DOS programs, I would recommend running them in a virtual machine environment, or hosting them through a terminal service session.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following