Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [best-practices]

Questions asking for best practices in a given field. Be aware, that sometimes there might be no generally accepted best practices, in which case the question is likely to be closed for being subjective.

351 questions
3
votes
3 answers

How much failover redundancy is enough?

I'm working on a client-server system where all clients currently submit their transactions to essentially a single west-coast IP address to reach what is called the "gateway" application. The gateway does some accounting and dispatches each…
Witness Protection ID 44583292
  • 191
  • 5
3
votes
1 answer

Why is PHP open_basedir not considered a security model

On servers doing shared web hosting, or sharing the PHP environment between different PHP applications, I usually implement a security policy that uses PHP open_basedir to restrict each user to his/her own directory (along with other PHP directives…
Lætitia
  • 2,085
  • 22
  • 33
3
votes
2 answers

Should i put all my servers into my domain?

I am setting up a lab/mock-up network and i'm wondering if is considered bad practice to add all my servers to my Windows Domain. Of course the DC must be part of the domain, and any server that users log in to, such as VPN must also be part of the…
ThePopcorn
  • 81
  • 1
  • 2
  • 7
3
votes
1 answer

Current Best Practice for using AD to auth Linux (2013)

As far as I'm aware, there are 3 (common) ways to use Active Directory as the Authentication and Authorization for Linux hosts: LDAP Kerberos Samba/Winbind Is there a (current) consensus on which method is the best practice? I've never been…
fukawi2
  • 5,396
  • 3
  • 32
  • 51
3
votes
2 answers

What are best practices for creating a system account? (*NIX)

I've manually installed a service called Gate One into /opt. I want to harden its security, so I thought I'd create a system account for it to use, because of least necessary privileges, and all that. However, when I ran adduser --system gateone, it…
strugee
  • 891
  • 11
  • 25
3
votes
2 answers

One active directory server for one geographical site?

we have an 2008 R2 active directory server on our main site. Recently we opened a small secondary site. My question is pretty simple : our 2 sites are connected with a VPN, is it mandatory for us to install a secondary AD server on our secondary…
Alex T.
  • 185
  • 2
  • 12
3
votes
2 answers

Using RAID1 vs. rsync pros and cons

I am building myself a Linux NAS/home server. I am considering either using sw RAID-1 (mdadm) to replicate data or alternatively just rsync them periodically. What are advantages/disadvantages of both approaches. I am adding my assumption as an…
Stan
  • 199
  • 1
  • 1
  • 5
3
votes
1 answer

Is it a bad idea to do an OVF Export of a VM with snapshot data?

I'm currently using a VM running on ESXi 5.0 to dry-run installation procedures for a software product. We're trying a whole different bunch of things, so I'm making extensive use of snapshots to save my place at various points. Now, I know a thing…
Vishal Kotcherlakota
  • 197
  • 3
  • 12
3
votes
0 answers

IIS 7.5 Request Filtering - best practice rules?

Im looking for a set of best practice rules for Request Filtering similar to what UrlScan adds by default. Any suggestions or an example list of filters is much appreciated. By default IIS 7.5 only has File Name Extensions, and Hidden Segments…
Anders Vindberg
  • 161
  • 1
  • 3
3
votes
2 answers

Internal Network/Server Separation Best Practices

I have a block of 5 static IP's, and am going to be running a exchange and web server on-site. I am wondering if I should separate the web server IP, Mail IP, and internal network IP. What would the best practices for separation of the internal and…
Reid
  • 411
  • 6
  • 17
3
votes
3 answers

Win7 Domain User Profile- Desktop Icon management best practices request

Here's the situation: We have a large (5,000+ user) organization that is currently using folder redirection to manage the windows desktop icons. This folder is redirected to a network share where we can centrally manage the different sites and such.…
Doltknuckle
  • 1,254
  • 7
  • 25
  • 32
3
votes
2 answers

things to check prior to moving all FSMO roles to a new domain controller before decommission original old domain controller

need to move a domain controller, the first in the forest that holds all the fsmo roles, to another location in a clients building. it will require turning off this dc, call it dc1 for this question. i want to transfer the fsmo roles to a new domain…
dasko
  • 1,244
  • 1
  • 22
  • 30
3
votes
2 answers

Best practices for managing a web-server

Hi I want to ask what are the best practices when installing new software on a web-server, I'm pretty much self-taught, I have on my home PC: Ubuntu 11.04 with LAMP installed, and a VPS that I manage myself that runs CentOS 5.6. I usually just test…
fiftyeight
  • 157
  • 1
  • 7
3
votes
2 answers

How can I check access of a Group/User in AD before I delete it?

I'm cleaning up an inherited domain that is not well documented. How can I check that a particular group or user has no ACEs across the AD? Things like searching DACL/SACL for AD objects and file server objects. Do administrators even do that kind…
zen
  • 211
  • 5
  • 11
3
votes
1 answer

SAN design: File & Block level access?

The short question: can I share file and block level traffic on the same SAN? Perhaps more importantly, should I? The gory details are below... I'm hopefully putting the finishing touches on a new SAN design, and our new planned storage (EMC…
CC.
  • 1,196
  • 1
  • 10
  • 22
1 2 3
23 24