assurance - [Assurance] Two changes to the AD DS / Silver cookbook
Subject: Assurance
List archive
- From: "Roy, Nicholas S" <>
- To: "" <>
- Subject: [Assurance] Two changes to the AD DS / Silver cookbook
- Date: Wed, 7 Mar 2012 18:57:01 +0000
- Accept-language: en-US
|
Assurance friends, After receiving some additional feedback from experts, Brian Arkills and I have made two revisions to the AD DS With InCommon Silver Cookbook (https://spaces.internet2.edu/x/w56KAQ). Those changes are saved as versions 52 and 53 in the
wiki. Version 52 contains a clarification that completely disabling binds in the clear on port 389 would negatively affect group policy and replication, and suggests the use of LDAP signing to mitigate risk. Version 53 clarifies the statements in section
4.2.3.4 around AD DS not using a salt value when combined with passwords in the hashing process, in both the risk mitigation and sample management assertions sections. Feedback on these changes is welcomed. Thank you, Nick ------------ Nicholas Roy – Identity Architect The University of Iowa | Information Technology Services | Directory and Authentication |
- [Assurance] Two changes to the AD DS / Silver cookbook, Roy, Nicholas S, 03/07/2012
Archive powered by MHonArc 2.6.16.