This isn't something which is in line with my day to day work, however this is something which may affect many organizations so I've decided to add my blog to list of sties which will duplicate this information. Secunia has reported critical vulnerability in MIT Kerberos implementation which can result in remote code execution, DoS or information ...

Vista introduces several new functionality and few of then (to be specific two) requires our AD environment to get prepared through schema extension. These schema extension needed to run new Vista's features will be part of LH schema, but LH is still somewhere behind the horizon and we have to take care about it by ourselves. Two new ...

Microsoft has published on Downloads Office 2007 ADM templates for downloads. As Office 2007 will be launched soon and may start to show up in our networks maybe it is worth to take a look at ADM possibilities before this will happen.

Today I had a little chat on e-mail with Alex Tcherniakhovski which was about following topic: how to create export only attribute with Extensible MA to set initial password for newly provisioned account? (OK, this wasn't exactly such topic but this is what it was about :) ). So problem is: we are provisioning new account to some ...

Today on ActiveDir.org ~Eric pointed out interesting feature in ADAM which allows ADAM administrator to configure ADAM instance to reject simple bind attempts on ports without SSL. To do this one have to edit properties of CN=Directory Service,CN=Windows T,CN=Services,CN=Configuration,CN={<GUID>} object and set RequireSecureSimpleBind ...

Some question were raised by few peoples about directory object auditing - mostly in a context of question "Who deleted the object?" - so I've decided to give this topic a little space. Windows 2000\2003 provides us with auditing mechanism which can be used also to track changes for Active Directory objects. Probably this isn't ...

This topic is probably familiar for most of peoples who are playing with Windows systems for a while, but maybe some newbie will get here so here’s the post. Today I responded in some thread on Polish web portal regarding how to audit changes in GPOs and why audit policy changes setting is not doing this as it should be? The answer to ...

I was asked lately to check some things connected with authentication users accessing Apache based web-site against AD. It is quite simple but requires some configuration so I’ve gathered things all together and here is is – how to make Apache web server authenticating users against AD using mod_auth_kerb module. Here’s a ...

Maybe CMS 2002 is not most popular content management software in the world but some people are using it in the real world. This is a case with our customer here who will deploy web application based on CMS 2002 in his network. This company maintains two separated AD forests, one is internal forest for company itself and second is AD forest for ...

Today I finally arrived into office after long time being on-site at customer’s office and I had some time to read blog feeds I’m subscribed to. One of my ‘must read’ blogs is Joe’s blog and I’ve noticed some new entries there. Among them on which I found very interested, and everyone who is still running ...