[AccessD] What a mess (otherwise known as "who owns things")

Drew Wutka DWUTKA at Marlow.com
Tue Jun 2 12:37:51 CDT 2009


What do you get with WHS that you are actually using?

What I would recommend, is that you turn WHS into a plain Windows 2003
machine, run Virtual Server (or the VMWare equivalent) and then do one
of two things, turn the host machine into a DC and create a virtual DC,
or create a virtual DC.  A domain controller doesn't have to be a very
hefty machine.  It just needs a Server OS.

My personal home network, I have one little old Dell, that runs a DC.  I
don't have a backup DC, because honestly, there's really no point.  I
only have 2 or 3 machines on the Domain, and if I lost my DC, I can just
recreate it, and rejoin my old machines.  If I were running more
important things at home, I would create a backup DC, probably in a
virtual environment.

Will have the post on creating/running a domain up in a little bit,
almost done with the screen shots.  

Drew

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of jwcolby
Sent: Tuesday, June 02, 2009 12:17 PM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] What a mess (otherwise known as "who owns
things")

LOL, so now I have to leave THREE computers running 24/7/365.  WHS,
Domain controller, BACKUP Domain 
controller.

This is getting less and less desirable.

ATM there are 4 computers on 24/7, the WHS, my laptop, Mary's laptop and
Robbie's laptop.  The two 
SQL Server machines are relative power hogs simply because they have
more powerful quad core 
processors as well as anywhere from 8 to 16 disk drives in them.  I do
not use them every day so I 
turn them off between uses.

John W. Colby
www.ColbyConsulting.com


Jim Lawrence wrote:
> I think Drew is right on this... just a warning to make one computer a
> backup domain controller because if the Active Directory
drive/computer ever
> fails you could lose the security for the entire network and that has
all
> sorts of really ugly ramifications.
> 
> Jim
> 
> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Drew Wutka
> Sent: Monday, June 01, 2009 1:47 PM
> To: Access Developers discussion and problem solving
> Subject: Re: [AccessD] What a mess (otherwise knbown as "who owns
things")
> 
> NTFS bases it's security on username/domain name, in a sort of hash.
If
> you rebuild a machine, but only one partition, other partitions aren't
> automatically set to be used by the new machine's credentials.  This
is
> because an account on a local machine is not going to be quite the
same
> as an account on the same machine with the OS reloaded.  So all the
> files/partitions will be 'foreign'.
> 
> I know this is kind of annoying, but it is a failed attempt to provide
> security for your files.  NTFS can't really do that since it doesn't
> encrypt anything by default.  I have a program called Restore Pro
2000,
> which lets me recover anything from NTFS partitions (so you can format
a
> drive, and I can recover the data....unless you do a low level
'zeroing'
> of that drive).  It completely ignores NTFS security, because it
doesn't
> use Windows to read the drive, it is using lower level BIOS calls.
Very
> handy.  NTFS is only applicable if you are accessing folders/files
> through windows itself.  Even more bizarre is that Microsoft released
an
> NTFS driver for Windows 9x, which allows a windows 9x machine to
> read/write to an NTFS partition...and it completely ignores the NTFS
> security flags.
> 
> So, to answer your question about how to prevent this from happening,
if
> you have a license (or 2) for Windows 2003 Server (or copies you are
> using), then I would recommend setting up a domain.  By setting up a
> domain, with Active Directory, you are centralizing your users and
> groups, so your login account will have the same permissions no matter
> what machine you are using.  (And if you wipe the C drive of a
machine,
> and reinstall the OS, as soon as you join it to the domain, all your
> permissions are back!).  Setting up a domain controller can also make
> home networking WAY easier (and more efficient).  The DHCP, WINS and
DNS
> servers available in a Windows Server are pretty easy to use, and
> provide some pretty slick options as to setting up pointers to what is
> what!
> 
> Just my two cents though....
> 
> Drew
> 
> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of jwcolby
> Sent: Sunday, May 31, 2009 10:07 PM
> To: Dba-Sqlserver; Access Developers discussion and problem solving
> Subject: [AccessD] What a mess (otherwise knbown as "who owns things")
> 
> I rebuilt a server from C:\ format on up.  New Windows Server 2003
X64,
> New SQL Server 2005 etc.
> 
> Now the current administrator (apparently) does not own the files on
the
> raid arrays which of course 
> survive quite nicely.  When I tried to attach a database it gave me an
> "insufficient rights" kind of 
> error which I Googled and that tells me that I do not own the files.
I
> took ownership which worked 
> (I can now attach),  but then I tried to attach and it said it
couldn't
> because the files were read 
> only.
> 
> Only it DID the attach, and now I have a database in read only mode,
> which I cannot detach 
> because... it is read only.
> 
> Sigh.
> 
> So... this invites MANY questions...
> 
> 1) How do I take ownership of a disk drive on down and all the files
on
> that disk drive?
> 2) Why are the files read only?
> 3) Now that I have one of the databases mounted (read only) how do I
> detach it so that I can make it 
> read / write and reattach it?  Or how do I make it non-readonly?
> 
> 4)Why did all of this happen?
> 5) Is there an easy way to prevent all this in the future?  I have a
> second server which I will be 
> rebuilding when new parts get here mid week.  New motherboard /
> processor and 5 new terabyte drives 
> for the server I rebuilt this weekend and 5 new drives for the one to
be
> rebuilt next.  Obviously if 
> there is something I can do in advance to prevent this mess I am all
for
> that.
> 
> In fact the new motherboard is the same motherboard as I have in the
> current rebuild, and my plan is 
> to clone the boot drive and just use that clone in the new system.  I
> have gone to much trouble to 
> get all the multitude of software installed etc so when I am done I
HOPE
> to end up with two 
> literally identical machines, other than the second machine having
some
> additional storage (and a 
> next generation processor).
> 
> Any words of wisdom out there?
> 
-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com
The information contained in this transmission is intended only for the person or entity 
to which it is addressed and may contain II-VI Proprietary and/or II-VI Business 
Sensitive material. If you are not the intended recipient, please contact the sender 
immediately and destroy the material in its entirety, whether electronic or hard copy. 
You are notified that any review, retransmission, copying, disclosure, dissemination, 
or other use of, or taking of any action in reliance upon this information by persons 
or entities other than the intended recipient is prohibited.





More information about the AccessD mailing list