ad-assurance - [AD-Assurance] RE: NR,*J*IT edits to cookbook
Subject: Meeting the InCommon Assurance profile criteria using Active Directory
List archive
- From: Brian Arkills <>
- To: "" <>
- Subject: [AD-Assurance] RE: NR,*J*IT edits to cookbook
- Date: Fri, 28 Jun 2013 18:16:07 +0000
- Accept-language: en-US
- Authentication-results: sfpop-ironport05.merit.edu; dkim=neutral (message not signed) header.i=none
·
Noting that the use of full disk encryption on DCs running on VMs is not supported by Microsoft [BA] I've made an edit to appendix C to address the concern I voiced on the call today. It now says: A potential issue with the use of BitLocker on Domain Controllers arises if you deploy DCs via virtual machines (VMs), as Microsoft does not
support BitLocker directly within VMs. However, Microsoft notes that if you BitLocker a HyperV host (i.e. the volumes the guest disks are on), the BitLocker protections are enjoyed by all guest VMs. Microsoft may or may not support other full disk encryption
solutions when virtualizing a Domain Controller, so check on support from Microsoft if you run in an alternate configuration. |
- [AD-Assurance] NR,*J*IT edits to cookbook, Eric Goodman, 06/28/2013
- [AD-Assurance] RE: NR,*J*IT edits to cookbook, Brian Arkills, 06/28/2013
Archive powered by MHonArc 2.6.16.