Marc Valk dot Net
blogging about…… Microsoft, Cloud Computing
Archive for the ‘Security’ Category
Integrated Windows Authentication in IE6 and IE7
In: Security
23 Dec 2009In IE you can set the checkbox “Enable Integrated Windows Authentication” (Internet Options, Advanced Tab, below the heading Security) Internet Explorer version 6 and 7 will use Integrated Windows Authentication whether you have the checkbox enabled or disabled. The big difference lies in the type of authentication which is kerberos or NTLM. If the option [...]
- No Comments
- Tags: Security
Microsoft Forefront Security for Exchange Server integrates multiple scan engines from industry-leading security firms into a comprehensive, layered solution, helping businesses protect their Microsoft Exchange Server messaging environments from viruses, worms, spam, and inappropriate content. start forefrontexchangesetup.exe Accept the License Agreement and click on [Next] You will be warned with the fact that “Microsoft Exchange [...]
- No Comments
- Tags: Exchange, Security
Browsing a local hosted site with IE8
17 Nov 2009Internet Explorer version 8 has got some annoying loopbackcheck. Whenever you want to browse a local hosted site (IIS), it will pop up a security dialog in which you have to fill in your username and password. Whatever combination you fill in, eventually you will get a 401.1. error. You can resolve it by editing [...]
- No Comments
- Tags: IIS, Security
The Machine SID Duplication Myth
In: Security
17 Nov 2009A great article by Mark Russinovich (the creator of the tool NewSID), about the Myth around duplicate Security Identifiers. The NewSID tool is frequently used by System Administrators to change a computer’s SID, for cloning purposes, after you read this article you get a better understanding about SID’s and why the tool has been retired [...]
- No Comments
- Tags: Security
Forefront Client Security and windows 7
14 Oct 2009I just installed a new virtual machine with Windows 7 Enterprise. As I wanted to have some good protection from viruses and malware, I decided to go for Forefront Client Security. I copied the installation files for FCS to a local temp folder, and executed the command CLIENTSETUP.EXE /NOMOM (to install FCS with the MOM [...]
- No Comments
- Tags: Forefront, Security, Windows 7
View Permissions for Reporting Services in SharePoint Integrated Mode
In: Security|SharePoint
15 Jul 2009Setting up security for SSRS in SharePoint integrated mode can be a bit tricky, particularly if you want to set up some of your users to only be able to run reports, but not to be able to modify or change them. I found a great post explaining how to create a Reporting group in [...]
- No Comments
- Tags: Security, SharePoint, SSRS
EWA: Error Data Refresh Failed
In: Security|SharePoint
30 Jun 2009I’ve been struggling for quite a long time with Excel Web Access in combination with a SQL Analysis Server and SharePoint. The problem is that I am able to display an excel file (which is in a SharePoint web part), but whenever I choose to refresh the connection I get the following error: Unable to [...]
- No Comments
- Tags: Kerberos, SharePoint, SQL Server, SSAS
Internet Explorer behaviors with Kerberos Authentication
In: Security
23 Jun 2009A great article from Rob “I Speak Tampa” Greene. He is explaining things that can occur when IE Kerberos authentication fails. You can check it out here.
- No Comments
- Tags: Kerberos, Security
GPO: disable Office ribbon Menu items
In: Security
15 Jun 2009Problem: I needed to disable a menu item in Excel 2007. Resolution: First of all download the ADM(X) templates for Office 2007 (keep in mind I am using server 2008). You can download them here Extract it to a folder, and then copy the contents of the admx folder to C:\Windows\PolicyDefinitions Open your Group Policy [...]
- (1) Comment
- Tags: Group Policies, Security
Kerberos fails when using CNAME records
In: Security
9 Jun 2009If you’re in the middle of implementing Kerberos for something, remember that Kerberos authentication fails whenever you use CNAME records in DNS, instead of A-Records. Why is this? This is because whenever for example IE asks AD: “which account has a SPN registration for kerberos.marcvalk.net”, and kerberos.marcvalk.net is an CNAME for IIS_Server.marcvalk.net, the reply will [...]
- No Comments
- Tags: Kerberos, Security