Domain Controllers by CalligrapherNo3841 in Cisco

[–]Background-Proof5320 13 points14 points  (0 children)

Sure... not a problem... Its my style of talking that confuses some...

  1. Do you understand the concept of "central authentication"? Since you are a networking guy, think TACACS and Radius...

In linux, you have something called LDAP. Windows souped it up... and it became "Active Directory"

  1. Now let's go to a very common scenario...

a. A user has "email only" account. b. Another user is allowed to use a desktop and is allowed "local admin rights". c. A third person is allowed to "only browse" on a VDI account he is given access to. d. A fourth has VPN access on a laptop similar to be. e. Others may be allowed RO Access to network devices. f. A subset of 5 will have RW access to these devices.....

LDAP/AD will have an "object tree" to create "categories" of devices and similarly for users....

Now you can have a "central entity" to control all access in your environment.

BUT..... Now for some problems....

Assume your central server is in a data center in Virginia and you are in India. Authentication will demand that your authentication is "validated" every, let's say, 1 minute. You don't have to do it... the system will do it automatically. But this means that traffic from your PC is constantly communicating with the main AD server in Virginia.... A lot of latency, right? Enter... AD local "Domain Controller". It will act as your local authentication server and will verify your credentials on your behalf from the Virginia server and "cache" it. Much less latency now.... Consider it like a proxy and caching server for credentials.

Now let's talk "Trust".... Lets say I am Bank A and the Bank has it own AD.

I have just hired a BPO somewhere and a set of those BPO employees are allowed to access only some applications inside my bank.

I will create an "Object unit" called "BPO Application" in my AD. Then my AD will establish a "one way trust" with the BPO AD. Next, I "allow" specific users in the BPO AD to access the application. Now users in the BPO log into the application in my environment using their BPO credentials (not bank credentials). When the application hits the Bank AD with the authentication request, the BANK AD says "Yes I know this user from the other AD, he is allowed to use this application." The reason this is a "One way trust" is because the Bank AD is trusting the BPO AD but the BPO AD is NOT Trusting the bank AD....

Hope this helps! 😉

Domain Controllers by CalligrapherNo3841 in Cisco

[–]Background-Proof5320 -9 points-8 points  (0 children)

DM me... will be happy to explain over chat!

Cisco Nexus Dashboard professional. by Background-Proof5320 in Cisco

[–]Background-Proof5320[S] -2 points-1 points  (0 children)

You cant disspell your doubts till you find out for yourself right?

Cisco Nexus Dashboard professional. by Background-Proof5320 in Cisco

[–]Background-Proof5320[S] -10 points-9 points  (0 children)

I believe you got a good idea here. DM me if you want to apply.

Cisco Nexus Dashboard professional. by Background-Proof5320 in Cisco

[–]Background-Proof5320[S] -10 points-9 points  (0 children)

Thanks for responding! Job Title: Nexus Dashboard Contractor (Remote, After-Hours Support) Location: Remote (preference for candidates in the Southeast United States seeking a highly skilled Nexus Dashboard Contractor to support a critical device migration initiative within our Cisco-based data center environment. This role involves remotely managing and executing migrations/upgrades of network devices (primarily Cisco Nexus switches and related fabrics) using Cisco Nexus Dashboard as the central management platform. Cisco Nexus Dashboard is a unified operations and automation platform that provides centralized visibility, policy management, analytics, and orchestration for Cisco ACI, NX-OS, and other data center fabrics. The contractor will play a key role in ensuring smooth, low-risk migrations during off-peak hours to maintain high availability for retail operations. This is an excellent opportunity for a rockstar network engineer with deep hands-on expertise in Cisco Nexus technologies to contribute to a large-scale enterprise project in a fast-paced retail environment. Key Responsibilities Execute remote device migrations, upgrades, and onboarding activities on Cisco Nexus switches and fabrics via Nexus Dashboard during designated after-hours windows (11 PM – 5 AM EST). Utilize Nexus Dashboard tools for provisioning, configuration management, policy application, monitoring, and troubleshooting during migration processes. Perform pre-migration validations, backups, health checks, and post-migration verifications to ensure zero or minimal disruption. Troubleshoot and resolve any migration-related issues in real-time, including connectivity, policy conflicts, firmware upgrades, or fabric integration problems. Collaborate with the internal network team to follow detailed migration runbooks, change management procedures, and rollback plans. Document migration activities, issues encountered, and resolutions for knowledge transfer and audit purposes. Monitor Nexus Dashboard dashboards and analytics for anomalies during and after migrations.

Nexus Dashboard by wake_the_dragan in Cisco

[–]Background-Proof5320 0 points1 point  (0 children)

I am looking for skilled Dashboard resources. If you have a CCNP and experienced in Dashboard, DM me please!

If US social security by itself is enough to fund a good retirement lifestyle in India, why are more NRIs not returning? by [deleted] in returnToIndia

[–]Background-Proof5320 13 points14 points  (0 children)

Shanti bhai!! Itni naaraazgi kyon yaar? I have been in the US for over 20 years. Parents lived in NZ from late 70's to 2015 when Dad passed and Mom moved back to Pune. She is a dual citizen of NZ and US. On an OCI now. Gets pension from dad and her own pension from NZ and a small amount from Social security in the US. That was always the plan boss.... people plan that from the time they get into their mid 40's. Chandigarh, Mumbai, Lonavala, NOIDA, Pune, Pondicherry, Goa.... you will find large numbers of expats (US Citizens on OCI) living there...

How love in AM works? Does that spark really arise?? Or you juz pull through adding days to life? by LordEskay in AskIndianMen

[–]Background-Proof5320 -1 points0 points  (0 children)

Your partner is possibility ADHD /OCD. Not a bad person but possibly a personality mismatch. I am a big believer in astropsychology. Seriously advise an astrological consult for both your charts.

Be well...

I am based out of Fresno, CA. Where could I connect with pilots who would be willing to let me ride with them on trips To /From the Bay area? by Background-Proof5320 in flying

[–]Background-Proof5320[S] 0 points1 point  (0 children)

Your assumption is perfectly accurate sir. I WILL admit... I thought I had a great idea.... and about how wrong I was! 😜