271
264
170
158
172
147
150
142
140
141
145
143
138
138
142
146
142
143
139
138
138
115
82
58
47
28
30
28
27
26
Dustin Adam
in
BitLocker, Intune, and Raven
on
12-05-2019
@Paul Bergson; Great Article, my organization has moved to using InTune
for BitLocker management and reporting, and it works spectacularly well.
However, one thing your article leaves out that we had to learn the hard
way: As a Hybrid-Join tenant, BitLocker will only escrow the BitLocker
key to AD O...
0 Likes
Ricoli610
in
LDAP Channel Binding and LDAP Signing Requirements - JANUARY 2020 Updates
on
12-04-2019
@Alan La Pietra @ChadWst Thank you for all the additional information
and links.Just flagging up that I've tried changing the Domain
controller: LDAP server signing requirements setting in the DDCP from
None to Required and this changed the ldapserverintegrity registry entry
from 1 to 2 (below
HKLM\...
0 Likes
Alan La Pietra
in
LDAP Channel Binding and LDAP Signing Requirements - JANUARY 2020 Updates
on
12-04-2019
Adding some other information Important to point out: LDAP over TLS/SSL
communication are already signed as TLS would detect any modification of
the payload as it can't be decrypted. The behavior for LDAP simple binds
and LDAP simple binds through SSL are as follows: LDAP simple binds are
rejected I...
0 Likes
ChadWst
in
LDAP Channel Binding and LDAP Signing Requirements - JANUARY 2020 Updates
on
12-04-2019
@Alan La Pietra -- Another follow-up to your response. Up til this point
I have considered LDAP signing and LDAP CBT mutually exclusive. Is this
accurate? For example, could we disable LDAP signing=REQUIRED and move
forward with CBT = 1? These changes dont have to be done together right?
0 Likes
Buddy8118
in
ADFS Deep-Dive: Onboarding Applications
on
12-03-2019
Most Enterprise Architecture doesnt even know half of these stuffs, and
yet they often agreed to onboard SaaS based applications and let the BAU
guys to figure things out.Excellent post!
0 Likes