DNS Commands and Managing Servers
Although all of the recommendations Mark Burnett makes in his article "Segregate
Your DNS Servers" (September 2006, InstantDoc ID 92660) are good and the
content is accurate, the article should have noted that some of the commands
it contains significantly alter the manageability of a Windows 2003 DNS server.
Most Windows system administrators are used to working in a GUI-driven environment. The more proficient administrators have at least passing familiarity with the command line. However, using the recommended command
dnscmd /Config /RPCProtocol 0
results in a DNS server that is unmanageable via either GUI or the DNSCMD utility. Attempting to connect to the system either remotely or from the local console with the dnsmgmt.msc console will fail, and executing the dnscmd.exe utility to connect to the server results in an error 1722 (RPC server not available). Although this configuration might be desirable in a very locked down environment, there needed to be a qualifying note included in the article explaining this effect, such as a suggestion that the configuration be set via a script so that it can be quickly reversed if system changes are desired without having to resort to BIND-like editing of the zone or other configuration files.
It should also be noted that running
dnscmd /ZoneAdd ./Primary
will result in the server being unable to resolve any host that is not listed
in a zone for which the server is authoritative or hosts as a secondary zone,
or that is explicitly listed in the %windir%\system32\drivers\etc\hosts file.
Although this might be obvious to a more seasoned Windows administrator, I suspect
there are a large number of Windows admins who read your magazine who might
not be immediately aware of the effect of being "root" from a DNS
perspective.
—Levi Spears
Postini Pricing
I read the Buyer's Guide "Antispam Solutions for Business" (January
2007, InstantDoc ID 94326), and I think it's a little misleading to list Postini's
Perimeter Manager Enterprise Edition as costing $43,000 for two years and up
to 1,000 users. You can purchase the Perimeter Manager solution for a small
to medium-sized business: I've got a contract for 150 users and it costs me
less than $5,000 a year. I believe Postini's pricing is competitive, but a $43,000
price tag in a table where the pricing for other products is listed at $2 per
month can be misunderstood pretty easily.
—Andy Ognenoff
Upgrading to Vista
I read Karen Forster's IT Pro Perspective article "The Value of Vista,
Office, and Exchange" (January 2007, InstantDoc ID 94455) and wanted to
respond to her question about plans to upgrade. I'm the director of a five-person
IT department that supports a 500-user, 20-location company. Because our organization
replaced 80 percent of our desktops with thin clients, we don't have a large
base of Windows XP workstations. Our largest XP installed base is our mobile
laptop users. Our focus has been and will continue to be the enterprise applications
that we use to run the business. We will continue to keep our data in the data-center
and host our applications on the network. We will keep using VPN and Terminal
Services to provide internal and external access to applications and data.
In the past, there was a huge need to upgrade Windows at the desktop because it was missing things or was buggy. I really don't see that now. XP is secure, reliable, and plug-and-play. After upgrading to Vista, users will still need to purchase third-party products for everything they purchased third-party products for in the past. Like XP, Vista won't provide the tools users are going to need: They'll still need access to enterprise apps, an office suite, and everything else. Vista is just the OS. I know Microsoft claims that Vista will cost less to maintain, but even Microsoft admits that it's a small margin. I expect the savings would disappear if end-user and IT training were included, not to mention the cost of porting the odd apps to the new OS. By the time that margin of cost reduction pays for itself, it will be time to move to the next OS. We'll be replacing XP only as part of the hardware replacement cycle.
I don't mean to sound negative. Microsoft has done a great job on Vista and
deserves credit for where business computing is today. Home users will probably
be totally impressed with the new look and feel. But business goals are well
beyond finding a good desktop OS. I think Microsoft knows this, and that's why
it's offering an ever-increasing line of application servers and packing capabilities
such as VoIP in the next release of Exchange. I'll be interested in the new
and improved Terminal Services capabilities in Longhorn Server, but Vista isn't
much more than a blip on my radar.
—Nate McAlmond
