ad-assurance - [AD-Assurance] RE: NR,*J*IT edits to cookbook
Subject: Meeting the InCommon Assurance profile criteria using Active Directory
List archive
- From: "Rank, Mark" <>
- To: "" <>
- Subject: [AD-Assurance] RE: NR,*J*IT edits to cookbook
- Date: Mon, 1 Jul 2013 17:05:06 +0000
- Accept-language: en-US
- Authentication-results: sfpop-ironport01.merit.edu; dkim=neutral (message not signed) header.i=none
|
Brian:
Mark
--------------------------------------------------
Mark Rank
Project Manager - Identity & Access Mgt UCSF Information Technology Services (ITS)
email: phn:414-331-1476
--------------------------------------------------
From: [] on behalf of Brian Arkills []
Sent: Friday, June 28, 2013 11:16 AM To: Subject: [AD-Assurance] RE: NR,*J*IT edits to cookbook ยท Noting that the use of full disk encryption on DCs running on VMs is not supported by Microsoft [BA] I've made an edit to appendix C to address the concern I voiced on the call today. It now says:
A potential issue with the use of BitLocker on Domain Controllers arises if you deploy DCs via virtual machines (VMs), as Microsoft does not support BitLocker directly within VMs. However, Microsoft notes that if you BitLocker a HyperV host (i.e. the volumes the guest disks are on), the BitLocker protections are enjoyed by all guest VMs. Microsoft may or may not support other full disk encryption solutions when virtualizing a Domain Controller, so check on support from Microsoft if you run in an alternate configuration. |
- [AD-Assurance] RE: NR,*J*IT edits to cookbook, Rank, Mark, 07/01/2013
- [AD-Assurance] RE: NR,*J*IT edits to cookbook, Eric Goodman, 07/01/2013
Archive powered by MHonArc 2.6.16.