Core Infrastructure and Security Blog
Copied!
Home
Options
823
Stanislav Belov on 01-16-2020 11:59 PM
569
wallenc on 01-13-2020 12:01 AM
2,182
Bruno Gabrielli on 01-05-2020 03:01 PM
2,573
John_Clyburn on 12-30-2019 12:00 AM
7,183
LijuV on 12-22-2019 09:00 PM
2,995
Stanislav Belov on 12-17-2019 11:55 PM
3,381
John_Clyburn on 12-16-2019 12:00 AM
19.7K
Mike Kammer on 12-10-2019 06:21 AM
3,984
Paul Bergson on 12-04-2019 02:12 PM
5,669
wallenc on 11-26-2019 01:08 PM
2,552
Zoheb Shaikh on 11-19-2019 06:22 AM
1,853
Stanislav Belov on 11-12-2019 11:00 PM
3,230
SteveMat on 11-11-2019 02:27 PM
52.9K
Alan La Pietra on 11-04-2019 06:26 AM
834
Sean Leonard on 11-01-2019 03:23 PM
847
Joe_Zinn on 11-01-2019 03:22 PM
948
Joe_Zinn on 11-01-2019 03:22 PM
908
Joe_Zinn on 11-01-2019 03:22 PM
753
Sean Leonard on 11-01-2019 03:21 PM
744
Joe_Zinn on 11-01-2019 03:21 PM
715
Joe_Zinn on 11-01-2019 03:21 PM
1,953
Joe_Zinn on 11-01-2019 03:20 PM
758
Joe_Zinn on 11-01-2019 03:20 PM
1,049
Joe_Zinn on 11-01-2019 03:20 PM
1,146
Joe_Zinn on 11-01-2019 03:20 PM
1,840
Joe_Zinn on 11-01-2019 03:20 PM
2,276
Joe_Zinn on 11-01-2019 03:20 PM
759
AMARSIGLIA on 11-01-2019 03:20 PM
779
Joe_Zinn on 11-01-2019 03:20 PM
729
ktackett on 11-01-2019 03:17 PM
Latest Comments
@Alan La Pietra Can you please clarify what effect this update will have on Ldap CLIENT signing (LdapClientIntegrity), specifically if it's currently set to negotiate? We are successfully using the following settings without any problems:DCs = policy "Domain controller: LDAP server signing requireme...
0 Likes
Don't know why, but the post from 01-08-2020 is gone.My summary and suggestion for this issue (check it yourself !); I hope I have described everything correctly and others can use it as a template to deal with this topic. Good luck in march. Ignore LDAP channel binding token (LDAP CBT) stuff: The s...
0 Likes
@JMHahnWe have several hundreds of domains, with some customers having hundreds of third-party applications, many of which are using LDAP. I did monitoring for one of the customer and have got the following list of applications: AirwatchJiraWebproxyApp for 2-factor authenticationVPNIdentity synchron...
3 Likes
@JMHahnvery good words ! It is very confusing changing the interpretation of a registry key with an update, which will result in a wrong description in the Group Policy explanation.
0 Likes
@RossUA You would definitely want to know which DCs receive normal 389 LDAP authentication request from third-party applications before you decide which DC to include/exclude. This wouldn't be difficult via the event logs, but you would want to quadruple check everything. The benefit is that you'd h...
3 Likes