Backup Exec

From: Dan (HERMAND) 4 Feb 2012 19:12

To: Ken (SHIELDSIT) 18 of 29

39291.18 In reply to 39291.12

P.S, regarding my post above I assumed your servers don't have something like HP's iLO, or Dell's DRAC?

Reply

0/0

From: Ken (SHIELDSIT) 4 Feb 2012 21:33

To: Dan (HERMAND) 19 of 29

39291.19 In reply to 39291.18

They do but I rarely use them.

You would think there would be an easy way to do it. I would have thought a GPO would do it, and it still might, but that's still a cludgy way to take care of it.

Reply

0/0

From: Dan (HERMAND) 4 Feb 2012 21:43

To: Ken (SHIELDSIT) 20 of 29

39291.20 In reply to 39291.19

Problem is, it kind of makes no sense. Try and "define" what you mean - do you mean that the computer shouldn't provide any services - what about websites, etc? Do you mean non-admins shouldn't log on at the console? Remotely? Do you mean file shares should be inadmissible?

I don't see how it'd be feasible for MS to provide a switch to do what you need as it's so dependent on individual use cases.

Reply

0/0

From: patch 4 Feb 2012 21:54

To: Ken (SHIELDSIT) 21 of 29

39291.21 In reply to 39291.19

Access list on the Cisco switch it's attached to. Easy.

What do you mean it's not a Cisco switch?

Reply

0/0

From: Dan (HERMAND) 4 Feb 2012 21:57

To: patch 22 of 29

39291.22 In reply to 39291.21

I'd strangle anyone making substantial network changes for such a temporary thing. I realise he doesn't have to commit them, but still.

Besides, he's probably going to be accessing it from the same IP range as his users if he's VPNing in.

Reply

0/0

From: patch 4 Feb 2012 21:58

To: Dan (HERMAND) 23 of 29

39291.23 In reply to 39291.22

That's what named access lists are for. And besides, it's his network. He'd only have himself to shout at.

Reply

0/0

From: Dan (HERMAND) 4 Feb 2012 22:00

To: patch 24 of 29

39291.24 In reply to 39291.23

Fair point, I just see network technology as something to fit and forget, save changing VLANs on ports etc.

Reply

0/0

From: patch 4 Feb 2012 22:01

To: Dan (HERMAND) 25 of 29

39291.25 In reply to 39291.24

I don't, but then I rely on it to pay my rent, so changes tend to be fine by me. Up to a point. That point being where I can't figure out how to fix what I broke.

Reply

0/0

From: Ken (SHIELDSIT) 4 Feb 2012 22:03

To: Dan (HERMAND) 26 of 29

39291.26 In reply to 39291.20

I mean when I am installing updates or increasing drive sizes or things of that nature I'd not like people on the server. It's a terminal server. The others don't get logged on other than by me.

I'd like to block everything but printing really until I'm done working on it, but I suppose shares would be ok. The problem with that is if someone has a doc or spreadsheet open and I reboot the server they will panic and close it and lose their work.

There should be a maintenance mode like there is in Esxi.

Reply

0/0

From: Ken (SHIELDSIT) 4 Feb 2012 22:03

To: patch 27 of 29

39291.27 In reply to 39291.21

Nope not a Cisco switch, just a Cisco router.

Reply

0/0

From: Dan (HERMAND) 5 Feb 2012 11:38

To: Ken (SHIELDSIT) 28 of 29

39291.28 In reply to 39291.26

Terminal Server, why didn't you say? What OS is it?