Marc Valk dot Net
blogging about…… Microsoft, Cloud Computing
Posts Tagged ‘Security’
Active Directory Services Port Requirements
In: Windows Server
25 Jun 2009Nice article explaining all the ports requirements for various Active Directory® and Active Directory Domain Services (AD DS) components http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx
- No Comments
- Tags: Active Directory, Security
Internet Explorer behaviors with Kerberos Authentication
In: Security
23 Jun 2009A great article from Rob “I Speak Tampa” Greene. He is explaining things that can occur when IE Kerberos authentication fails. You can check it out here.
- No Comments
- Tags: Kerberos, Security
GPO: disable Office ribbon Menu items
In: Security
15 Jun 2009Problem: I needed to disable a menu item in Excel 2007. Resolution: First of all download the ADM(X) templates for Office 2007 (keep in mind I am using server 2008). You can download them here Extract it to a folder, and then copy the contents of the admx folder to C:\Windows\PolicyDefinitions Open your Group Policy [...]
- (1) Comment
- Tags: Group Policies, Security
Kerberos fails when using CNAME records
In: Security
9 Jun 2009If you’re in the middle of implementing Kerberos for something, remember that Kerberos authentication fails whenever you use CNAME records in DNS, instead of A-Records. Why is this? This is because whenever for example IE asks AD: “which account has a SPN registration for kerberos.marcvalk.net”, and kerberos.marcvalk.net is an CNAME for IIS_Server.marcvalk.net, the reply will [...]
- No Comments
- Tags: Kerberos, Security
IE8 Security Warning HTTPS content
22 May 2009Since I upgraded to IE8, I’ve been a bit annoyed with the this security warning: It states: “Do you want to view only the webpage content that was delivered securely”. The first time I just pressed Yes, by pressing [Enter] on my keyboard (without reading the warning correctly), which obviously rendered me a incomplete page. [...]
- (9) Comments
- Tags: Internet Explorer, Security, Windows
With th ecommand: rundll32.exe keymgr.dll, KRShowKeyMgr, you wil open up the Stored Credentials Cache of Windows. You can now clear your stored credentials with this tool. Note: this only works in Windows XP and (presumably) earlier (vista isn’t tested). See comments.
- (2) Comments
- Tags: Security, Windows
DelegConfig v2
In: Security
5 May 2009A new version of the Kerberos tool DelegConfig is ready. Download it here. Notable Features: Supports IIS 7.0 (useKernelMode / useAppPoolCredentials) Allows adding backend servers of type UNC, HTTP, LDAP, OLAP, SQL, SSAS, and RDP Allows chaining of multiple hops (versus only a single backend) Performs duplicate SPN check against all trusted domains. /Set/SPNs.aspx – [...]
- No Comments
- Tags: IIS, Kerberos, Security
Document explaining Kerberos & Double Hop
In: Security|SharePoint
15 Apr 2009A nice document explaining Kerberos, the double hop issue and what to do about it. It is also using an example with Reporting Server, Analysis Server and Sharepoint. Check it out @ http://www.ssas-info.com/analysis-services-articles/51-security/1492-enhanced-security-and-integration-of-microsoft-bi-solutions-with-kerberos written by Mark Dasco and Boyan Penev
Sharepoint and SSRS integration
In: SharePoint
2 Apr 2009Integrating reports in dashboards is hot. If you’re organization isn’t analyzing all the data it is gathering to answer questions about your business, you’re going to fall behind. If you have SharePoint , you can integrate Reporting Server and Analysis Server with it (I am not going to tell how to work with SSRS, there [...]
Search for duplicate SPN’s
2 Apr 2009A vbs query from Microsoft to search for duplicate SPN’s: http://www.microsoft.com/technet/scriptcenter/solutions/spnquery.mspx
- No Comments
- Tags: Kerberos, Security