Where to put SSL certificate for LDAP …

Protecting LDAP traffic with SSL is a good idea, especially if in network environment some applications are (ab)using LDAP as authentication protocol. Some explanation of abusing word – LDAP never was designed as authentication protocol (like Kerberos is). Its name states it clear “DIRECTORY ACCESS PROTOCOL”. However because it is simple to use and effective … Continue reading "Where to put SSL certificate for LDAP …"

Geneva Beta 2

A bit late news but during TechEd which took place some time ago a new release, Beta 2 of Geneva family was announced. For those who are not familiar with Geneva it is code name for new family of products around federation and identity management. (cc) loops Geneva product family id build from three components … Continue reading "Geneva Beta 2"

Well … real men don’t mind son as well

Sander wrote few days ago that “Real man have a daughters”. I even don’t know what real man definition is but I would say that if I fit into this definition I don’t mind to have son and I’m really happy and proud that our family has new member.   Wojtek was born on 6’th … Continue reading "Well … real men don’t mind son as well"

Default Account Operators permissions on DC object

Active Directory Documentation Team has put on the web interesting post about default permissions of Account Operators (AO) group which might be present on DC object as a result of ACLs placed earlier on computer object.   (cc) ph0t0 {loves you too} In short words: AO are being granted permissions to manage many objects in … Continue reading "Default Account Operators permissions on DC object"