2012-1
16

Matt Hitchcock posted some cool comments about Windows 8 AD

Category: Active Directory | No Comments

http://matthitchcock.com/2012/01/08/active-directory-in-windows-8-first-look/

2011-10
25

October was a bad month for computing founders

Category: Active Directory, Bobel, Cloud | Tags: | No Comments

Apple http://en.wikipedia.org/wiki/Steve_Jobs

C http://en.wikipedia.org/wiki/Dennis_Ritchie

LISP http://techcrunch.com/2011/10/24/creator-of-lisp-john-mccarthy-dead-at-84/

2011-10
5

Steve Jobs 1955 – 2011

Category: Bobel, Cloud | Tags: | No Comments

You have to be impressed by this guys life – http://www.cnn.com/2011/10/05/us/obit-steve-jobs/index.html?iref=BN1&hpt=hp_t1.

2011-10
4

ActiveRoles Update 3663 just released!

Category: Active Directory, Cloud | Tags: , , , | No Comments

Last week development released the 6.7.3663 update for ActiveRoles Server.  Included in the update are some generic fixes as you would expect, but there is also a set of updates for a long standing limitation that only Internet Explorer worked properly. This update adds multi-browser support  and allows the ActiveRoles web interface to be accessed from the following browsers:

  • Firefox 5.0 and 6.0
  • Google Chrome 13
  • Safari 4 and 5
  • Windows Internet Explorer 7.0, 8.0 and 9.0
ActiveRoles w/3663 installed running on Google Chrome displayed with altered color scheme.

It is interesting that the release notes don’t mention IE 6.0, but with information like this (http://en.wikipedia.org/wiki/Internet_Explorer_6) being prevalent around the Internet it is not surprising.  With the everyday increase in hacking and exploits attacks – anyone still using IE 6 should be afraid, very afraid and move to a secure and supported browser immediately.  My installation experience was good. Installation went as expected with no surprises and things continued to work including the add-ins for QAS and Defender. Changing the color scheme is a bit tricky since you really are setting a single color that will be used in place of the standard Blue UI color. But for many customers this will be a welcome change from modifying XML files with new color codes.

Customers can download the update from Quest support https://support.quest.com/Search/SolutionDetail.aspx?id=SOL78214.

2011-9
23

Bhold what Microsoft bought

Category: Active Directory, Microsoft | Tags: , , , , | No Comments

Micrsosoft announced the aquistion of Bhold to enhance the FIM family of products.

http://www.microsoft.com/pathways/bhold/

http://blogs.gartner.com/ian-glazer/2011/09/23/bhold-wins-the-microsoft-iag-lottery/

 

2011-9
23

Defender & ActiveRoles MMC Integration

Category: Active Directory | Tags: , , , , | No Comments

For ActiveRoles customers using or considering using Quest Defender, integration between the two products is a requirement. Being able to perform OTP token management from the point where user management is performed is one key to efficient management of strong authentication.

Token Management from the ActiveRoles Web Console

I was working with a customer this week who had a requirement to manage Quest Defender two factor tokens through the ActiveRoles MMC console. While I knew this was under development, I did not realize you can get it today without waiting for the next release of Defender. Integration with the ActiveRoles MMC can be critical for customers who are primarily using the MMC for day-to-day or help desk operations.

Token Management from the ActiveRoles MMC
(click to enlarge)

The ActiveRoles integration pack on the Defender 5.6 CD installs property pages and commands into the ActiveRoles Web Interface only. Separately, Defender Software update 5.6.0.2593 adds token management and property tabs into the ActiveRoles MMC on user property pages. This update can be obtained through the Quest support site and you will need to install two components 1) Defender ARS Integration Pack_Update_5.6.0.2593 and 2) Defender Administration Console_Update_5.6.0.2593.

 

2011-9
16

HTC Incredible to support Near Field Communciation (NFC)

Category: Bobel, Cloud, Entitlement, Mobile Computing | Tags: , , | No Comments

A friend of mine is working on NFC and I wondered if my Android device would support it – well it didn’t but there is a new version of the phone in development that was just tested by the FCC for NFC compatibility.

http://www.nfcrumors.com/08-17-2011/is-the-htc-incredible-s-the-next-google-wallet-enabled-nfc-phone-it-just-passed-through-the-fcc/

2011-9
15

Putting a price on governmental security

Category: Active Directory | No Comments

My colleague Dmitry Kagansky sharing his insites on Security its cost to government.

 http://fedscoop.com/tv/quest-federal-cto-dmitry-kagansky-on-security-in-government/

2011-9
2

Working with Field Labels in ActiveRoles

Category: Active Directory | Tags: , | 2 Comments

In the past it was common to have a requirement that additional details be presented at the top of a web interface form in ActiveRoles – this would often require modification to the underlying XML making the solution difficult to maintain during upgrades. If the requirement is simple enough there is a workaround that may provide relief in this situation. If you would like to provide limited additional information at the top of a form in the ActiveRoles Web Interface you can add this information to the label field of the first entry. This information must be limited as it is subject to the constraints of the form sizing and so you probably won’t be able to make it look exactly like you require, but you may get it close. Some HTML tags may work, but not all are guaranteed to be available. My suggestion is that you keep things simple like using line breaks and list tags.

  1. Logon as a DS Admin to the web interface you wish to modify.
  2. Click “Click here to customize this form”
  3. Locate the top field and click (edit…) at the far left end of the entry name.
  4. In the Entry name: field enter the text you want to display at the top of the form. Make sure to add any text to the left of the field name already in that entry so that it will continue to display properly.
  5. For example:
    Directions<BR>Contacts may not be used for authentication.You have two choices at this point.<BR><BR><ol><li>If the person will need to authenticate against Active Directory, you should create a user account object on their behalf.</i><li>Continue creating this Contact object.</i></ol><BR> First Name
  6. Click Save
  7. Click Reload

Navigate to the form in the UI so that you can validate your work.

2011-8
30

Smart card presentation at the AFITC

Category: Access, Active Directory, Bobel, Identity | Tags: , , , , | No Comments

Yesterday I had the opportunity to present at the Air Force Information Technology Conference 2011 on HSPD-12 and its impact on logical access control. While preparing for this session I realized I needed to re-visit Microsoft’s PKI (Public Key Infrastructure); especially changes in Windows 2008, Vista and Windows 7 strong authentication support.

The first thing that struck me was how many good resources are available for learning Microsoft’s PKI. Back in 2000 when I first installed a Microsoft CA (Certificate Authority) there didn’t seem to be enough detailed information and over the past eleven years I have only had infrequent occasions to use the software. At this point I want to recommend Brian Komar’s book Windows Server 2008 PKI and Certificate Security (I got the Kindle version for about $39). I also wanted to mention Vadim Podans’ white paper on PKI and using the Quest AD Commandlets to managed. You can download the white paper here and you can get the latest version of the AD CMDLETS here.

I also wanted to give a special thanks to Chen and John from SafeNet for hooking me up with SafeNet middle-ware tools (above) and smart cards that I used for to prep for the session. The software was both intuitive and easy to deploy.