Core Infrastructure and Security Blog
Copied!
Home
Options
977
Stanislav Belov on 01-16-2020 11:59 PM
591
wallenc on 01-13-2020 12:01 AM
2,201
Bruno Gabrielli on 01-05-2020 03:01 PM
2,583
John_Clyburn on 12-30-2019 12:00 AM
7,211
LijuV on 12-22-2019 09:00 PM
3,005
Stanislav Belov on 12-17-2019 11:55 PM
3,394
John_Clyburn on 12-16-2019 12:00 AM
19.7K
Mike Kammer on 12-10-2019 06:21 AM
4,004
Paul Bergson on 12-04-2019 02:12 PM
5,757
wallenc on 11-26-2019 01:08 PM
2,565
Zoheb Shaikh on 11-19-2019 06:22 AM
1,863
Stanislav Belov on 11-12-2019 11:00 PM
3,252
SteveMat on 11-11-2019 02:27 PM
53.5K
Alan La Pietra on 11-04-2019 06:26 AM
843
Sean Leonard on 11-01-2019 03:23 PM
856
Joe_Zinn on 11-01-2019 03:22 PM
958
Joe_Zinn on 11-01-2019 03:22 PM
920
Joe_Zinn on 11-01-2019 03:22 PM
763
Sean Leonard on 11-01-2019 03:21 PM
753
Joe_Zinn on 11-01-2019 03:21 PM
725
Joe_Zinn on 11-01-2019 03:21 PM
1,962
Joe_Zinn on 11-01-2019 03:20 PM
768
Joe_Zinn on 11-01-2019 03:20 PM
1,058
Joe_Zinn on 11-01-2019 03:20 PM
1,156
Joe_Zinn on 11-01-2019 03:20 PM
1,850
Joe_Zinn on 11-01-2019 03:20 PM
2,285
Joe_Zinn on 11-01-2019 03:20 PM
770
AMARSIGLIA on 11-01-2019 03:20 PM
787
Joe_Zinn on 11-01-2019 03:20 PM
741
ktackett on 11-01-2019 03:17 PM
Latest Comments
@Alan La Pietra Can you please clarify what effect this update will have on Ldap CLIENT signing (LdapClientIntegrity), specifically if it's currently set to negotiate? We are successfully using the following settings without any problems:DCs = policy "Domain controller: LDAP server signing requireme...
0 Likes
Don't know why, but the post from 01-08-2020 is gone.My summary and suggestion for this issue (check it yourself !); I hope I have described everything correctly and others can use it as a template to deal with this topic. Good luck in march. Ignore LDAP channel binding token (LDAP CBT) stuff: The s...
0 Likes
@JMHahnWe have several hundreds of domains, with some customers having hundreds of third-party applications, many of which are using LDAP. I did monitoring for one of the customer and have got the following list of applications: AirwatchJiraWebproxyApp for 2-factor authenticationVPNIdentity synchron...
3 Likes
@JMHahnvery good words ! It is very confusing changing the interpretation of a registry key with an update, which will result in a wrong description in the Group Policy explanation.
0 Likes
@RossUA You would definitely want to know which DCs receive normal 389 LDAP authentication request from third-party applications before you decide which DC to include/exclude. This wouldn't be difficult via the event logs, but you would want to quadruple check everything. The benefit is that you'd h...
3 Likes