July 2007 - Posts

• Utility to load Active Directory with sample data and introduce incremental changes

  Quite often I find myself in a situation where I need to quickly build a test environment for Active Directory (AD), whether it is to perform some MIIS directory synchronization testing or performance benchmarking of an application that utilizes AD. I took initial stab at this problem by creating a simple VB script (ADPopulator) that was using several Excel spreadsheets as an input for creating some randomized by still realistic user information. You can see more info on that script here: http://blogs.msdn.com/alextch/archive/2006/09/18/AdPopulate.aspx. The script had a number of limitations though. So when working for test harness for my Oracle extensible MA I decided to write something that addressed the above limitations. Introducing ADModifer 1.0 Read More... Posted Tuesday, July 10, 2007 5:17 PM by alextch | 1 Comments Filed under: Active Directory Programming Attachment(s): ADModifier.zip

• Certificate auto-enrollment configuration and certificate template version

  For the most part configuring certificate auto-enrollment is a fairly straight forward process, and is well documented (see links below). http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/autoenro.mspx http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws03crtm.mspx Nevertheless, there is one aspect that may not be quite intuitive and it has to do with the certificate templates versions. As you probably are aware Microsoft Enterprise CA supports two types of templates: V1 and V2. V2 templates allow customization and therefore are preferred, but require CA to be running on Windows 2003 Server Enterprise Edition. So where is the non-intuitive part? Well, the auto-enrollment configuration process will differ depending on the type of the template the certificate is based on. Read More... Posted Tuesday, July 03, 2007 5:35 PM by alextch | 1 Comments Filed under: PKI