Welcome to MSDN Blogs Sign in | Join | Help

February 2005 - Posts

Sunday, February 27, 2005 5:02 PM

ADC Lessons Learned the Hard Way

What happens when a federation, each with its own domain, separated by firewalls within a single forest, attempts to implement the Active Directory Connector in a federated fashion? The perception was that this deployment model would be more secure, because
Posted by anthonw | 0 Comments
Filed under: ,
Friday, February 25, 2005 12:02 AM

Security Misunderstandings in Federations

What does it mean to have a secure environment? Is it proper authentication and access controls? Freedom from viruses and worms? Availability? Acceptable disaster recovery? Freedom from human error? Data integrity? I would argue, and I would assume most
Posted by anthonw | 3 Comments
Filed under:
Thursday, February 24, 2005 12:15 AM

An OU Can Be A Spoke, Too

If you've read any of my other posts, I deal with a number of government organizations at the state and local level helping them deploy Microsoft's infrastructure products. One area where my customers pride themselves is in the autonomy they've created
Posted by anthonw | 1 Comments
Filed under:
Wednesday, February 23, 2005 11:24 PM

Private Namespaces In Active Directory

For purposes of this post, a private namespace refers to the DNS name of the forest root in Microsoft Active Directory. A private namespace is essentially any DNS name that is not registered; it can even be a registered name (assuming you never want to
Posted by anthonw | 2 Comments
Filed under:
Wednesday, February 23, 2005 4:13 PM

ADC Role Confusion

A customer of mine hosts mailboxes for several smaller departments, acting somewhat like an application service provider for email. They have an Active Directory domain, which they control, but have delegated control of user and computer objects back
Posted by anthonw | 0 Comments
Filed under:
Tuesday, February 22, 2005 11:50 PM

The Federation Firewall Boundary

As a specialist by trade in both technology and financial audit, internal control structures and security play an important role in the work that I do. I came across Steve Riley's Death of the DMZ over broadband the other day and his thesis really hit
Posted by anthonw | 2 Comments
Filed under: ,
Tuesday, February 22, 2005 11:13 PM

Post-ADC Problems In Federations

Okay, so these problems could potentially exist anywhere. The reason I draw attention to them is that, often times in federations, a consultant, such as myself, might only be working with one of the groups (the ones leading the initiative). As such, visibility
Posted by anthonw | 0 Comments
Filed under:
Tuesday, February 22, 2005 11:07 PM

ADC Design for the Federation

Sometimes, the rules are complicated enough that it's easier just to break them; just ask anyone who's applied for a remodel permit. The same can be said about ADC Deployment in a federated environment. The ADC was designed, for an organization of 77,000
Posted by anthonw | 2 Comments
Filed under:
Tuesday, February 22, 2005 10:57 PM

The Legacy Exchange 5.5 Federation

The following scenario plays out one of the most common histories we see in the Exchange 5.5 design of federated environments. In fact, we can probably blame the flexibilty of Exchange 5.5 for the majority of federations that exist today because it made
Posted by anthonw | 4 Comments
Filed under:
 
Page view tracker