Skip to Content.
Sympa Menu

ad-assurance - RE: [AD-Assurance] RE: Call Today Noon ET

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

List archive

RE: [AD-Assurance] RE: Call Today Noon ET


Chronological Thread 
  • From: Ron Thielen <>
  • To: "" <>
  • Subject: RE: [AD-Assurance] RE: Call Today Noon ET
  • Date: Fri, 22 Mar 2013 18:49:12 +0000
  • Accept-language: en-US
  • Authentication-results: sfpop-ironport04.merit.edu; dkim=neutral (message not signed) header.i=none

I didn't volunteer, but I already looked into it.  I added two footnotes to the Gaps page that explain that in Windows Server 2008 and later Kerberos uses AES for encryption and Kerberos is used for the RPC synchronization between DCs.  So as long as you don't use SMTP for sync'ing, you're good to go.  :-)

 

Ron

 

From: [] on behalf of Ann West []
Sent: Friday, March 22, 2013 1:39 PM
To:
Subject: Re: [AD-Assurance] RE: Call Today Noon ET

I think I missed this in my notes, unless this is included in Lee's AI? Lee, does that sound right to you?

Ann

On the last item there is a tbd pending research into protection of passwords during DC replication. Someone on the call took that research as an action item.



Archive powered by MHonArc 2.6.16.

Top of Page