Backup-less implementation - What about security ?
Understanding Role Based Access Control
http://technet.microsoft.com/en-us/library/dd298183.aspx
---
You can assign the permission to the admins only the task he is going to do
Like he can create mailboxes and distribution groups alone
and he cannot remove that mailbox too.
---
Backup less
Split the databases more - Recovery is much easier
--
Have large room for drives which holds the log files
where backup won't purge the log files in our case
--
We can clear in manually once 2 months or so . Depends on your mail flow
Satheshwaran Manoharan | Exchange 2003/2007/2010 | Blog:http://www.careexchange.in | Please mark it as an answer if it really helps you
April 12th, 2012 4:53am
thanks for your comments
I guess I should remove some rights from the admin account and give them to a special account that would be used only for RBAC and recovery.
brgds
brunobruno
Free Windows Admin Tool Kit Click here and download it now
April 12th, 2012 10:35am
am going to post a blog on regards how to use RBAC for a helpdesk
Just have look at my website after like 5 days or so
Thanks
www.careexchange.in
Satheshwaran Manoharan | Exchange 2003/2007/2010 | Blog:http://www.careexchange.in | Please mark it as an answer if it really helps you
April 12th, 2012 11:16am
am going to post a blog on regards how to use RBAC for a helpdesk
Just have look at my website after like 5 days or so
Thanks
www.careexchange.in
Satheshwaran Manoharan | Exchange 2003/2007/2010 | Blog:http://www.careexchange.in | Please mark it as an answer if it really helps you
Free Windows Admin Tool Kit Click here and download it now
April 27th, 2012 11:18am
Hi
i am migrating to exchange 2010 in a Dag (2 copies each local Raid1 disks on different servers + one lagged copy also on Raid1)
If I want to go 'backup-less' for this implementation, I need to confirm the following points:
Solution is ok 'technically' (I think it's the minimal recommended number of copies)
Regulatory compliance does not require the client to have backups
My question is about security: since exchange admins have all rights on the whole environment, what steps could be taken to stop a rogue admin to just crash everything without possibility to restore from backups? Are there recommended best practices to avoid
such kind of 'disaster' by splitting permissions, etc ?
thanks in advance
bruno
April 28th, 2012 6:27am