Reading Time: 4 minutes One of my friends PFE has asked me a question regarding userPassword attribute in directory which was related to some behavior he was observing in customer environment. We had a little chat about it and then I thought that maybe other has such questions as well so … here’s a topic for a blog.  Behavior … Continue reading "userPassword"

Where to put SSL certificate for LDAP …

Reading Time: 3 minutes Protecting LDAP traffic with SSL is a good idea, especially if in network environment some applications are (ab)using LDAP as authentication protocol. Some explanation of abusing word – LDAP never was designed as authentication protocol (like Kerberos is). Its name states it clear “DIRECTORY ACCESS PROTOCOL”. However because it is simple to use and effective … Continue reading "Where to put SSL certificate for LDAP …"

Critical vuln in MIT Kerberos implementation

Reading Time: < 1 minute This isn't something which is in line with my day to day work, however this is something which may affect many organizations so I've decided to add my blog to list of sties which will duplicate this information. Secunia has reported critical vulnerability in MIT Kerberos implementation which can result in remote code execution, DoS … Continue reading "Critical vuln in MIT Kerberos implementation"

Fix for DNS RPC management interface security problem

Reading Time: < 1 minute Some time ago I wrote about a serious problem which is affecting DNS service, to be more specific management interface available through RPC. As DNS is one of heavily used service in Active Directory networks this is real problem. With this month's security patches we can get fix for this problem described in MS07-029 security … Continue reading "Fix for DNS RPC management interface security problem"


Reading Time: 3 minutes Are You using some methods of securing data on Yours laptop hard drive? EFS anyone? I'm curious how many of readers are using TrueCrypt? Until today I've used TrueCrypt as  a solution for secure file storing on my laptop machine. TrueCrypt is really cool tool. It gives You good usability, strong encryption and ability to … Continue reading "BitLocker(ed)"

Schema extensions for Vista new features

Reading Time: < 1 minute Vista introduces several new functionality and few of then (to be specific two) requires our AD environment to get prepared through schema extension. These schema extension needed to run new Vista's features will be part of LH schema, but LH is still somewhere behind the horizon and we have to take care about it by … Continue reading "Schema extensions for Vista new features"