joeware - never stop exploring...

This is an open call out to the AD Community asking for folks to comment (or email me) with a list of the Role Based Access Control Products that they are aware of. Specifically tools that do NOT use native AD ACLing but instead perform all access via proxy like can be done with Quest [...]

I saw this link on my friend Bob’s blog (http://www.bobbobel.com/the-everything-active-directory-page) today… Everything you need to get started with Active Directory http://blogs.technet.com/b/ashleymcglone/archive/2012/01/03/everything-you-need-to-get-started-with-active-directory.aspx   I see a glaring omission but I will let it slide.      joe Rating 4.00 out of 5

Once again, apologies for the slow turnaround time on this. It was a combination of being really busy with my real job along with the poor questions I asked and the way the poll plugin worked. I had to work out how to extract the raw data from the MySQL DB to make some real [...]

I responded to a USENET AD Group post back in March 2007 and unfortunately someone pinged me on it and said the command line I specified didn’t work. I looked at it and immediately saw that I had made a mistake. The post can be found here: http://help.lockergnome.com/windows2/enforce-password-required–ftopict483580.html The AdFind query is supposed to find [...]

http://www.microsoft.com/en-us/download/details.aspx?id=38785 (I am only a little miffed I wasn’t invited to review this… thanks Laura…) Protecting Domain Controllers Domain controllers should be treated as critical infrastructure components, secured more stringently and configured more rigidly than file, print, and application servers. Domain controllers should not run any software that is not required for the domain controller [...]

I am working on it. I learned a things with that poll… 1. That software wasn’t designed to host a poll with multiple questions 2. I need to write better questions, some people seemed confused with the answers they gave. 3. Some people like to stuff the ballot box (didn’t think I would look at [...]

http://blogs.technet.com/b/trustworthycomputing/archive/2013/01/03/designing-reliable-and-secure-cloud-solutions.aspx   at a basic level there are three main causes of cloud services failure: 1. Device and infrastructure failures 2. Software vulnerabilities 3. Human errors If we anticipate these failures will invariably happen – that indeed they are a constant threat – we need to design cloud services so that when something does go [...]

FTR: I don’t hate virtual machines, I hate the incompetence that surrounds them. — joe (@joewaredotnet) March 13, 2013 Rating 4.50 out of 5

I wanted to share an analogy I wrote that was part of a response to a document effectively describing the cloning of a production AD environment that would live on the same physical network without a firewall. Visualize you have a locked and secured gun cabinet with loaded shotguns with hair triggers. But instead of [...]

I was in a discussion and someone said to me that greater than 60% of Enterprise class Microsoft customers are already virtualizing writeable Domain Controllers in their production corporate environments.  !!!B??u?!l!l!?s??h!!i!??t?!!! I started chuckling when I heard this. I don’t believe even for a second that the numbers are ANYWHERE near that level of penetration. [...]