RE: [TCLUG:11082] A serious question...

["Eric Hillman" <ehillman@cccu.com>]

>         the thing you have to give MS's products credit for, is that they
> are reasonably easy to get a basic setup *working*; mostly by applying
> common sense, a bit of experimentation, and 'doing what looks right'.
> *working well*, or working in a way that differs from what the developers
> anticipated; is nearly impossible. :(

  This is true, but if security, reliability, or just impressing your boss
is an issue, you may want to get familiar with some of the undocumented, or
at least hidden, features of NT.  There are any number of weird little
quirks in an out-of-the box NT setup that will, among other things, allow
remote users to bypass security and read your registry, view the source code
of ASP pages, reboot your server or max out the CPU, etc.

 The amazing thing is that I'm not using the phrase "undocumented feature"
sarcastically in the above.  MS genuinely intended some of these weird
things to be NT's default behavior.

  As always, O'Reilly is a great resource.  Their "Annoyances" series
("Windows Annoyances", "Outlook Annoyances" etc. can be pretty handy.  I
believe they also publish an NT administrators guide.  Also, MS themselves
publishes the "Windows NT Resource Kit", which is an absolute must-have.  If
security is a major issue (say, if you're going to be running ISS outside
your firewall) get the biggest, ugliest, most intimidating book on NT
security you can find, 'cuz it's a big, ugly, intimidating task.

  Luckily, most basic network administration tasks are the same on NT as
they would be anywhere else -- set up IP addresses, make sure your
workstations are all speaking the same protocol, set up some shared drives,
create some users and go.  It's extremely easy to be a competent NT
administrator.  If you're aiming to become an expert, however, prepare to
hit the books.

--
Eric Hillman
UNIX Sysadmin
City & County Credit Union
ehillman@cccu.com