IDM 4.02 with Win2012 Domain Controllers (2008R2 forest and domain

I am creating a template Windows Server (in VMWare) that will be
deployed to sites. After deployment SOME of these servers will have the
Domain Controller role added.

Our network is fairly volatile - some sites may last a few months - so
we are constantly adding and removing servers.

My concern is that the seemingly insigificant step of installing the
password filter is missed in the rush to get a site running (which of
course it will even without the filter).

Ideally, I would be able to pre-install the IDM password filter in my
template and have it automatically enabled when a server is given a DC
role, but sit dormant and unused when the server is NOT a DC.

Is this possible ?

If not, how close can I come ?

Other thoughts and tactics welcome however I am not allowed to dismember
staff that forget. I checked.


iblackwood's Profile: https://forums.netiq.com/member.php?userid=4017
View this thread: https://forums.netiq.com/showthread.php?t=49525