Tuesday, November 24, 2009

What happened to dsa.msc in windows 2008 server



The simple truth is that it's no longer part of the default installation of the server OS, sorry. There's a logical explanation of this for sure. The first that comes to mind is security. Anyone with access to a server can load up users and computers on any member server. This is usually no big deal but with identity theft always on the rise, this is a convenient way to get additional information about users.

With windows 2003 a member server made a nice convenient gateway to AD users and computers by simply executing dsa.msc from the command line or from the start run command. while working out issues on another server, a handy look-up and some times a useful tool to add a test account or to make a quick change to an existing account , was running dsa.msc. Although in environments that had Exchange servers, running this from a member server would not shoe email properties, it was still useful and often meant having to avoid another remote connection to a domain controller.

The image in this post shows the options that should be selected to add this functionality back into member server. The installation of the feature does not require a reboot and only takes several minutes - of course that's on a dual quad core server.
A positive about server support , in particular when the server is an HP or Dell PowerEdge server, is the technology developed and incorporated into server support that facilitates remote access and remote control of servers from the local LAN or through the Internet. The technology that permits this remote control of the console is HP iLO and from Dell it is Dell iDRAC. These two technologies have enabled support to remote control the server's console without having to even have an operating system installed. The technology permits support through the network and on the web.