Solved

Block Active Directory Interference

Posted on 2006-11-16
3
241 Views
Last Modified: 2012-06-27
Hello Experts,

This is going to sound super paranoid, but put yourself in my shoes before you judge...

Here's my dilemma. I work for a school (school A) that sells some of my time to another school (school B). School B uses active directory and school A does not. School B requires that I use outlook for email, which in turn requires me to be on their domain. Since I am a competent tech administrator, I want to avoid active directory interfering with anything on my computer: i.e. I don't want them to push updates down to me, don't want them to have access to my files / registry / etc... loss of control = sad tech guy

I have removed Domain Admins from my local administrator group and anything else domainish from other groups so I think that should take care of most of it, but what I need to know is can they still do anything just because I am a member of the domain?
If so, what ports / services do I need to block to ensure that I don't have to worry about any funny business like my computer restarting in the middle of an unsaved page of code because they are sending down updates?

Also, how do I remove any group policies that they have pushed down and prevent this from happening in the future.

Thanks in advance,

-jkorz
0
Comment
Question by:jkorz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 9

Expert Comment

by:trenes
ID: 17958871
Hi jkorz,
> School B requires that I use outlook for email,
Can't they use OWA? So you wont have to login into their domain.

But in my opinion, If you dont trust them you should not work for them.

I hope somebody has any tips for you.

Cheers!
regards,

Trenes
0
 
LVL 8

Author Comment

by:jkorz
ID: 17959633
I could use OWA, but I would rather use the client.

It's not that I don't trust them per-se, they have a contracted network admin who doesn't spend much time here and relies heavily on the centralized management that AD provides for updates, security, etc... (things that normal users don't worry about, but I take care of). I want to do what I can (as opposed to relying on others) to avoid any more complications.
0
 
LVL 9

Accepted Solution

by:
trenes earned 500 total points
ID: 17959884
Try asking the admin to place you in an "admin" OU, that is not linked to any gpo.
That should fix things you worry about.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question