Lately I have to explain to one of our customers how to create attribute in Active Directory which can be protected with additional permissions from reading its content. Such possibility was introduced in Windows 2003 SP1 but when I looked for some information to point our customer to I didn’t found much documentation so I … Continue reading "How to create and use confidential attributes"
I want to get back to ADFS configuration once again. In current version of ADFS documentation available on Microsoft web site one important – in my opinion – thing was omitted and I know that it would not be updated in short time, I think about ADFS auditing. ADFS comes with some auditing capability available … Continue reading "[R] ADFS one more time – auditing"
InfoWorld invited few major providers of IdM solution to some kind of competition in IdM solution implementation. The challenge was to build IdM solution in specific scenario which involved integration of HR system, Active Directory, Exchange and Linux. Results of this challenge can be read on the Infoworld's web page.
On the Microsoft Downloads new document regarding MIIS 2003 capacity planning has been released. This document presents server configuration recommendation for a server with MIIS 2003 based on test designs. Document can be found on downloads web site.
Today I found MIIS User Group on Yahoo and get signed up to it. After first day it looks like valuable source of information about MIIS implementation. If anyone interested in reading about other people problems with MIIS or getting some help with configuration or code I encourage You to sign up to this list. … Continue reading "[R] MIIS User Group on Yahoo"
Three weeks ago I performed a session about ADFS on polish conference – Microsoft Technology Summit 2005. In this session I used my ADFS lab to show working example of federated Windows SharePoint Services and ASP .NET claim aware application (application is really big word for my application :), this was only few pages with … Continue reading "[R] Setting up ADFS lab"
Brett Shirley on in one of a threads on activedir.org mailing list mentioned one .additional. switch which can be used in conjunction with dcdiag.exe command. DCDIAG is well known and extremely useful diagnostic tool used in many different Active Directory troubleshooting aspects to get information about current view of AD. When You will use /? … Continue reading "[R] DCDIAG debug switch"
When it comes to searching for an object in the LDAP directory (like Active Directory) most of us will use a LDAP filter to display the objects we are looking for. An LDAP filter is a quick and easy way to construct queries that will be excecuted against the target directory service. Most of the … Continue reading "[R] Using LDAP search filter to query attributes without value"
Hmm, I have moved several times as I traveled for study or work among Poland. But I've never moved in virtual space – until now. I had my blog since some time, it crashed (remeber to always have backup 🙂 ) and I rebuilded it. From some time I talked with Carlos abotu DirTeam and … Continue reading "Blog movement"
Doing a lot of work with Kerberos delegation over the past few years and I have encountered many reasons why the delegation won’t work. One reasons so often not thought of or left out is duplicate SPN entries. Now I know its easy to say who would add a duplicate entry but when administrators get … Continue reading "One reason why Kerberos delegation wont work."