Best Practices for Securing Active Directory

Better Late Than Never… Hello again, world’s most sporadic blogger here. A while back, I posted here recommending that people who are interested in admin-free Active Directory stay tuned to this site. The reason for that post was that I’d just learned that we were going to write and publish a document that would include…


I Have Not Fallen Off the Face of the Earth. Not Yet, Anyway.

Me, and My…Blog As I’ve noted previously, I’m a terrible, terrible blogger. It’s not that I don’t have content for this blog, mind you. It’s that I have a whole pile of it backed up, waiting to be polished and published. However, before I can post any of it, I have to do things like…


Lost all of your Zune DRM’d songs?

So, it turns out that if you don’t sign into the Zune marketplace for 30 days, all of your DRM’d content expires. I got a new 64 GB Zune HD recently and couldn’t figure out why it was loading so slowly. I usually just sync my Zunes when I’m home, because my work laptop (which…


Publishing Delta CRLs on IIS 7

If you have migrated or upgraded the sites on which you host your CA CRLs and delta CRLs to IIS 7, you may have noticed a (rather frustrating when you’re experiencing it) new behavior. IIS 7 will, by default, reject requests containing double escape characters (for example, files containing a “+” sign in the name, such as…


Virtualized Offline CAs

  First, the warnings: 1. Sometimes I am a bit of a salmon, meaning that I have a tendency to swim upstream, metaphorically speaking. More specifically, I like to take current thoughts around “best practices” and pick them apart to see if they actually make sense as a best practice. One of my favorite words…