Announcement

Collapse
No announcement yet.

List of services required by member servers

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • List of services required by member servers

    We've got an extremely tight environment. Lots of services were disabled by the previous regime. I am trying to find a definitive list of services required to be running, or NOT disabled in order for a member server to function correctly in Active Directory.

    tia

    -Shane

  • #2
    Re: List of services required by member servers

    Insufficient information provided. What is running on the Member Servers?
    1 1 was a racehorse.
    2 2 was 1 2.
    1 1 1 1 race 1 day,
    2 2 1 1 2

    Comment


    • #3
      Re: List of services required by member servers

      Originally posted by biggles77 View Post
      Insufficient information provided. What is running on the Member Servers?
      I second. What services and\or resources are the member servers providing?

      Comment


      • #4
        Re: List of services required by member servers

        As already mentioned, that is (or should be) done based on the server role.
        Are you saying that you are trying to relax security now because you are having problems?
        Best way to start IMO is to identify those problems as well as the security policies currently in place and how are they applied i.e.
        via GPO, SCW or manually?

        The Security guide from here might come in handy as well.
        Caesar's cipher - 3

        ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

        SFX JNRS FC U6 MNGR

        Comment


        • #5
          Re: List of services required by member servers

          My apologies for the delay..vacation

          In my question, I am referencing a base configuration. A generic server not doing anything.

          The intent is to identify the required ports and services to make a server a member and for it to apply GPO. This is not to relax security at all but to find a definitive source that states at minimum, these certain things need to be open(ports), or turned on (services) to enable a system to be a member and apply policy as such. Does Server service need to be running or can it be disabled, does TCP/IP helper need to be on, etc,etc. What is the bare minimum before it ceases to function correctly within the domain?

          I understand if a system is not providing file/print..you might want to turn that off.

          Things were configured manually and turned off on existing system. We are just now migrating from workgroup to AD. However for documentation purposes and support we are looking to only enable what is absolutely necessary.

          Thanks for the link, it looks like it might help in my research.


          Thanks.
          Last edited by Sarjent; 8th October 2009, 23:36.

          Comment


          • #6
            Re: List of services required by member servers

            Can you list the services which are currently enabled and disabled?
            Marcel
            Technical Consultant
            Netherlands
            http://www.phetios.com
            http://blog.nessus.nl

            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
            "No matter how secure, there is always the human factor."

            "Enjoy life today, tomorrow may never come."
            "If you're going through hell, keep going. ~Winston Churchill"

            Comment


            • #7
              Re: List of services required by member servers

              Base yourself on the Microsoft SSLF baseline, and tweak it from there..
              VCP on vSphere (4), MCITP:EA/DBA, MCTS:Blahblah

              Comment

              Working...
              X