Solved

Tips for taking over inherited network

Posted on 2004-09-08
2
149 Views
Last Modified: 2010-04-14
I recently inherited a Win2k AD domain.  From recent troubleshooting, I've come to realize that there are some definitely questionable settings and configurations on our network.  With this network, I inherited no (as in zero, zilch, nada) in the way of documentation, so I started out creating basic documentation of all critical systems and settings (DHCP, DNS, Group Policy).

Recently I have come across the following realizations about the network:

-1 Domain Controller also acting as DHCP server for remote site.
-Everyone group had far too many NTFS permissions (this has been resolved)
-Something flakey going on with DNS (enabling scavaging apparently removed critical CNAME records, rendering our inter-site replication useless until this was repaired)
-No redundency for DHCP servers
-No DNS redundency for remote sites

This is just the beginning of the list of things that I feel that I will need to sort out in order to get this network running in a way that I feel comfortable with.  I am however a newbie admin, only officially halfway through with my MCSA, and was hoping to get advice on what else I should be documenting and what else I should be investigating to see if setup was done improperly.

I also need to be able to effectively present to my manager a plan and a reasoning behind wanting to change the previous admin's setup.  Example: I know that the DHCP server living on a DC is a bad bad thing.  Everything I read tells me that you don't want to do this, but I need a sound reason to give to my manager as to why (he's a little bit of a micromanager and if he doesn't understand why you want something changed, saying well because I read it's a bad thing to do doesn't cut it).

I don't want to sound paranoid about the previous admin, but it just seems the further I delve into this setup, the less and less competent they appeared to be and I'm hoping to head off any potential trouble that may be on the horizon.

Any tips on what else to document, any tools to help diagnose the health of the directory, etc is greatly appreciated.

Thanks!
Michelle
0
Comment
Question by:Altarum
  • 2
2 Comments
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 50 total points
ID: 12010912
Just present it in a way that asks what is the downtime cost of your DC (which it seems is running EVERYTHING) will cost the organization.  To rebuild your DC, it would probably take most of the day, and that is only if you have the parts on-site..  And I don't see you mentioning Backups here...?  Have you cked them to make absolutely sure that your data is good, and the tapes (I assume you are using tapes) are still good?  

You can run DHCP on your DC, but it does add overhead to your network.  The best way to go about this is to have dedicated servers, but if cost is the problem, then just push for 2 DC's and put DHCP on both, but limit the scopes of each so they do not overlap.  

The most important part is getting that second DC up and running.  Ask him what would happen if no one in the organization could access their data..  How many employees do you have?  Times the downtime hours...  If he is a good executive, he will write a ck for you the same day..

FE
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 12965275
Thanks and best of luck.

FE
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
For cloud, the “train has left the station” and in the Microsoft ERP & CRM world, that means the next generation of enterprise software from Microsoft is here: Dynamics 365 is Microsoft’s new integrated business solution that unifies CRM and ERP fun…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now