Skip to Content.
Sympa Menu

ad-assurance - RE: [AD-Assurance] RE: Call Today Noon ET

Subject: Meeting the InCommon Assurance profile criteria using Active Directory

List archive

RE: [AD-Assurance] RE: Call Today Noon ET

Chronological Thread 
  • From: Ron Thielen <>
  • To: "" <>
  • Subject: RE: [AD-Assurance] RE: Call Today Noon ET
  • Date: Fri, 22 Mar 2013 18:49:12 +0000
  • Accept-language: en-US
  • Authentication-results:; dkim=neutral (message not signed) header.i=none

I didn't volunteer, but I already looked into it.  I added two footnotes to the Gaps page that explain that in Windows Server 2008 and later Kerberos uses AES for encryption and Kerberos is used for the RPC synchronization between DCs.  So as long as you don't use SMTP for sync'ing, you're good to go.  :-)




From: [] on behalf of Ann West []
Sent: Friday, March 22, 2013 1:39 PM
Subject: Re: [AD-Assurance] RE: Call Today Noon ET

I think I missed this in my notes, unless this is included in Lee's AI? Lee, does that sound right to you?


On the last item there is a tbd pending research into protection of passwords during DC replication. Someone on the call took that research as an action item.

Archive powered by MHonArc 2.6.16.

Top of Page