Core Infrastructure and Security Blog
Copied!
Home
Options
409
Stanislav Belov on 01-16-2020 11:59 PM
534
wallenc on 01-13-2020 12:01 AM
2,152
Bruno Gabrielli on 01-05-2020 03:01 PM
2,555
John_Clyburn on 12-30-2019 12:00 AM
7,142
LijuV on 12-22-2019 09:00 PM
2,979
Stanislav Belov on 12-17-2019 11:55 PM
3,351
John_Clyburn on 12-16-2019 12:00 AM
19.7K
Mike Kammer on 12-10-2019 06:21 AM
3,954
Paul Bergson on 12-04-2019 02:12 PM
5,444
wallenc on 11-26-2019 01:08 PM
2,529
Zoheb Shaikh on 11-19-2019 06:22 AM
1,834
Stanislav Belov on 11-12-2019 11:00 PM
3,202
SteveMat on 11-11-2019 02:27 PM
52.1K
Alan La Pietra on 11-04-2019 06:26 AM
815
Sean Leonard on 11-01-2019 03:23 PM
829
Joe_Zinn on 11-01-2019 03:22 PM
932
Joe_Zinn on 11-01-2019 03:22 PM
890
Joe_Zinn on 11-01-2019 03:22 PM
734
Sean Leonard on 11-01-2019 03:21 PM
726
Joe_Zinn on 11-01-2019 03:21 PM
697
Joe_Zinn on 11-01-2019 03:21 PM
1,932
Joe_Zinn on 11-01-2019 03:20 PM
740
Joe_Zinn on 11-01-2019 03:20 PM
1,030
Joe_Zinn on 11-01-2019 03:20 PM
1,129
Joe_Zinn on 11-01-2019 03:20 PM
1,821
Joe_Zinn on 11-01-2019 03:20 PM
2,258
Joe_Zinn on 11-01-2019 03:20 PM
740
AMARSIGLIA on 11-01-2019 03:20 PM
761
Joe_Zinn on 11-01-2019 03:20 PM
711
ktackett on 11-01-2019 03:17 PM
Latest Comments
@Alan La Pietra Can you please clarify what effect this update will have on Ldap CLIENT signing (LdapClientIntegrity), specifically if it's currently set to negotiate? We are successfully using the following settings without any problems:DCs = policy "Domain controller: LDAP server signing requireme...
0 Likes
Don't know why, but the post from 01-08-2020 is gone.My summary and suggestion for this issue (check it yourself !); I hope I have described everything correctly and others can use it as a template to deal with this topic. Good luck in march. Ignore LDAP channel binding token (LDAP CBT) stuff: The s...
0 Likes
@JMHahnWe have several hundreds of domains, with some customers having hundreds of third-party applications, many of which are using LDAP. I did monitoring for one of the customer and have got the following list of applications: AirwatchJiraWebproxyApp for 2-factor authenticationVPNIdentity synchron...
3 Likes
@JMHahnvery good words ! It is very confusing changing the interpretation of a registry key with an update, which will result in a wrong description in the Group Policy explanation.
0 Likes
@RossUA You would definitely want to know which DCs receive normal 389 LDAP authentication request from third-party applications before you decide which DC to include/exclude. This wouldn't be difficult via the event logs, but you would want to quadruple check everything. The benefit is that you'd h...
3 Likes