assurance - [Assurance] RE: Discussion starter: Appendices, what's needed/wanted?
Subject: Assurance
List archive
- From: "Roy, Nicholas S" <>
- To: "" <>
- Subject: [Assurance] RE: Discussion starter: Appendices, what's needed/wanted?
- Date: Wed, 7 Sep 2011 21:14:22 +0000
- Accept-language: en-US
I guess I should have started out by saying, this is a discussion starter for the AD/Silver cookbook: From: [mailto:]
On Behalf Of Roy, Nicholas S Per today’s discussion, I deleted Table 1 from the cookbook, which contained Microsoft’s recommended password policies. As noted, there are any number of things you can do to meet the requirements. In its place, I added an appendix that
briefly discusses password entropy and links to the IAP document, SP 800-63 and a password entropy calculation spreadsheet. To get the conversation started on what we need to add to the cookbook, it was suggested on the call that any amount of detail in the existing appendices (A – Known Issues with NTLMv1 Disabled/LMHASH storage sturned off; B – Known Issues
with Requiring Signed LDAP Binds; C – Operational Considerations, Practices, Processes For Syskey Mode 2/3 Management) would be helpful. As it stands, we don’t have much there. I know some of you have done work with what requiring signed LDAP binds does
to Mac clients, and others may have looked at Bitlocker, Syskey mode 2 or 3, or what disabling NTLMv1 does to “legacy” clients. If you have any information to add to these, or any other suggestions for things that we could put in these or other appendices,
please respond to this thread. Thanks, Nick |
- [Assurance] Discussion starter: Appendices, what's needed/wanted?, Roy, Nicholas S, 09/07/2011
- [Assurance] RE: Discussion starter: Appendices, what's needed/wanted?, Roy, Nicholas S, 09/07/2011
Archive powered by MHonArc 2.6.16.