iPad / iPhone Certificate Issuance

Hey all, Rob here again. It’s been a while since I have written a blog post, and this one was too interesting to pass up. I recently worked a case around deploying certificates to Apple iPhones and iPads to secure their network communications. The investigation uncovered that Apple devices can get certificates via the Simple… Read more

Happy 25th Birthday Windows (tomorrow)

On November 20th, 1985 Windows 1.0 launched. It fit on just two double-sided floppy disks and needed 256K of RAM – although you needed 512K if you wanted to actually run more than one program at a time. Within a year it had some incredible new features like postscript printer drivers and MS-DOS 3.2 support!… Read more

Reading LDAP SSL Network Traffic with NetMon 3.4 and NMDecrypt

Hi folks, Ned here again. Today I show you how to decrypt LDAP traffic protected by SSL by using Network Monitor and its handy add-on NetMon Decryption Expert. This is useful when you need to see what an application is asking your domain controllers, especially when that app has lousy logging. Since the traffic is… Read more

New ADFS Content on TechNet Wiki (11/16/2010)

Hello everyone! Adam has published a new round of content for Active Directory Federation Services (ADFS) to the TechNet Wiki. These articles include troubleshooting information and how-tos to assist you when you are evaluating, implementing, or troubleshooting ADFS. AD FS 2.0 – How to change the Federation Service Name  AD FS 2.0 – How to… Read more

New Directory Services KB Articles

Hi everyone, we have a few new and updated articles from last week that are Directory Services related.  Content ID Title 951581 LDAP queries are executed more slowly than expected in the AD or LDS/ADAM directory service and Event ID 1644 may be logged 933430 Clients cannot make connections if you require client certificates on… Read more

Yeowza, 0x1f4 articles!

And I just noticed that the last post put us to our 500th article. That’s a post every 205,200 seconds! Wait, that doesn’t sound impressive. That’s a post every 2.3 days! OK, not quite Raymond Chen or Keith Combs, but it will have to do. You have kept us going with your comments, questions, and… Read more

Friday Mail Sack: General Lejeune Edition

Hello everybody, Ned here again to share some conversations. This week I talk some SMB security, domain renames, file compression, and DFSR DFSR DFSR! Domain rename registry key orphans and determining if a rename ever happened DFSR compression recommendations for Office 2007+ “Server SPN target name validation level” Clustering DFSR on WIn2003 and Win2008 non-R2… Read more

Think Positive

In this line of work it‘s hard to remain optimistic. You deal with mistakes, bugs, ignorance. You repair more than you create. You often work for those who cannot comprehend what you do. Your most carefully laid plans unravel owing to the incredible complexity of distributed systems. You begin to expect the worst out of… Read more

Migrating DFS Namespaces to Preserve Old Domain Names

Hi folks, Ned here again. A few years ago Dave Fisher wrote a treatise on how to migrate your domain-based DFS namespaces from one forest or domain to another. It works great and a lot of people have found his article helpful. Recently, a few customers have asked how they can migrate a namespace out… Read more

New Directory Services Content 10/24-10/30

KB Articles Article No Title 314282 Lingering objects may remain after you bring an out-of-date global catalog server back online 2447414 User GPP Scheduled Task item fails to apply and logs event id: 4098 with 0x80070005 “Access is denied.” 919151 Error message when 64-bit versions of ADPREP fail to execute when they run on 32-bit… Read more