Active Directory (AD) domain controllers (DCs) have been around since Windows 2000. At that time, virtualization was in its infancy and almost every server was physical. And many of those servers weren’t even housed in a typical datacenter or server closet. Virtualization started to take off in the early to mid-2000s. It enabled the use […]
Virtual Machine Generation ID with Active Directory Domain Controllers Read More »
Microsoft is disabling Basic authentication in an effort to improve data security in Exchange Online. Starting October 1, 2022, Microsoft will begin turning off Exchange Online Basic authentication. (For more information, see the Microsoft article “Deprecation of Basic authentication in Exchange Online”). As of September 2022, Microsoft has provided an update on guidance for the
How to Use the Microsoft Azure Portal to Disable Basic Authentication Read More »
Remediating LDAP security issues is important because the default configurations on domain controllers (DCs) and clients are open to various attacks. Learn how to remediate those issues.
Remediating LDAP Client Security Read More »
Applications that use Lightweight Directory Access Protocol (LDAP) are prevalent in virtually every organization that uses Active Directory (AD). Unfortunately, the default AD configuration provides opportunities for insecure LDAP connections. These defaults have come into focus because of common, widely available AD attack tools such as NTLMRelayX. (For more information about NTLMRelayX, see How to
Monitoring for LDAP Client Security Read More »
Not all organizations require their own PKI solution; however, most leverage Microsoft Active Directory Certificate Services because it integrates directly with their existing Active Directory environment…
Components of a PKI, Part 5: Hardware Security Modules Read More »
Not all organizations require their own PKI solution; however, most leverage Microsoft Active Directory Certificate Services because it integrates directly with their existing Active Directory environment…
Components of a PKI, Part 4: Active Directory Certificate Services Read More »
One important function of Certificate Authorities that’s mentioned briefly in Part 2 of our “Components of a PKI” blog series is the ability to perform certificate revocation, or the CA’s ability to revoke certificates it issued previously.
Components of a PKI, Part 3: Certificate Revocation Read More »
In Part 1 of our “Components of a PKI” blog series, we defined several PKI terms that are useful for understanding Certificate Authorities (CAs—also known as Certification Authorities) and CA hierarchies…
Components of a PKI, Part 2: Certificate Authorities and CA Hierarchies Read More »
Digital certificates (most commonly represented by the X.509 public key certificate standard) are signed data objects that associate a public key with an individual user, device, or entity. In this case, we’re specifically referring to digital certificates formatted using the X.509 standard.
Components of a PKI, Part 1: Digital Certificates Read More »
User attributes are important metadata that should be treated with care. Some organizations do not take user attributes seriously enough, which creates problems when the company tries to automate system access.
4 Best Practices for Hybrid Identity Attributes in Active Directory Read More »
Ravenswood Technology Group is based in Chicago, IL but with customers around the world. We help companies, universities, and other organizations with less than 100 employees to over 500,000 build secure, hybrid infrastructure that enable their users to work from anywhere.
[Recent Blog Posts]
[Expertise]
© Ravenswood Technology Group, LLC
