Archive for the ‘Active Directory’ Category

Microsoft ADCS – How to Redirect the HTTP URLs for CDP and AIA from old CA to new CA

Friday, March 1st, 2013

2013-03-01 Initial Post

Microsoft's Active Directory Certificate Services (ADCS) is a type of certification authority (CA) (a lot of people misspell that as "certificate" authority). A CA issues certificates in X.509 format (a standard for digital certificates) for computer security purposes. When an organization sets up its own Certificate Services infrastructure, that essentially becomes its public key infrastructure (PKI). ADCS functions as a CA in a PKI, and the CA and all its supporting systems are the PKI. You might see all three terms used interchangeably, and many documents just refer to a server running ADCS as "the CA." (more...)

OCS – List All AD Enabled User Accounts That Are Also OCS Enabled

Monday, February 6th, 2012

2012-02-06 Initial Post
Windows Server 2003 SP2
Office Communications Server 2007 (non-R2)

csvde -f getOCSUsersListCSVDE-Output.csv -r "(&(objectCategory=user)(msRTCSIP-UserEnabled=TRUE)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))" -s dc001 -l "displayName" -j .

See http://support.microsoft.com/kb/269181 for an explanation of userAccountControl and of using bitwise filters with LDAP.

Active Directory LDAP Authentication and Security

Thursday, February 2nd, 2012

2012-02-02 Updated

2012-01-23 Initial post

One of our application administrators asked me to help him troubleshoot why LDAP user authentication didn't work correctly in his application, Oracle Agile PLM (Product Lifecycle Management) 9.3.1. I decided to look into LDAP authentication a little more and here are some notes I made. I wasn't able to find a nice simple article that answers this question: How is LDAP user authentication handled in AD? (more...)

Configuring Active Directory for LDAPS (LDAP over SSL)

Thursday, September 1st, 2011

2011-10-01 Reformatted for clarity

2009-01-13 Initial post

BACKGROUND

By default, Kerberos will encrypt the LDAP authentication only, but not the actual LDAP traffic. You can enable LDAPS (LDAP over SSL) to encrypt the entire LDAP session in Windows AD. (more...)

Details about Administrator Audit Logging in Exchange 2010

Thursday, August 11th, 2011

2011-08-11 Updated

2011-06-16 Initial post

Exchange Server 2010 SP1

When I checked the other week, I could not find any good documentation on the Administrator Audit Logging feature. I'm writing this post to share my research on this feature. (more...)