Tristan Watkins on IT Infrastructure
Currently viewing the category:
"Security"
Not only is this the thing that I always forget, it’s the thing that I’ve just learned I didn’t really understand. My colleague Ben just absolutely pwned me about an SSL certificate’s “Friendly Name” field and how it’s used when editing SSL binding in IIS. I was certain that Friendly Name couldn’t possibly be [...]
RMS AD Caching for SharePoint 2010 Users
By Tristan Watkins On May 20, 2013 · Leave a Comment · In Authentication, Performance, Security, SharePoint, Windows
As this series of posts about SharePoint 2010 with Rights Management moves on, it moves further from SharePoint. In this post I’m describing the final steps in the RMS protection process, where RMS authenticates the requesting user and authorises actions with RMS-protected content.
In most configurations, RMS will rely on its internal AD [...]
RMS Publishing Permissions for SharePoint 2010 Application Pool Identities
By Tristan Watkins On February 5, 2013 · Leave a Comment · In Authentication, Security, SharePoint, Windows
In the previous posts in this series about SharePoint 2010 with Rights Management, I’ve been looking at the user information requirements to successfully bridge gaps between SharePoint and RMS. In this post I will focus on a poorly documented RMS configuration requirement that is often overlooked and seems to cause many deployment headaches. This is the point of [...]
Inspecting an AD RMS Request from SharePoint 2010
By Tristan Watkins On February 5, 2013 · Leave a Comment · In Authentication, Security, SharePoint, Windows
In this series of posts on SharePoint with RMS, I’ve mostly focused on the ways things might go wrong if Active Directory data, User Profiles and User Information Lists are misaligned. Now, assuming SharePoint has a reliable Work E-mail value for a user, there are still a number of things that happen between the initiation [...]
Continuing this series about the SharePoint 2010 IRM implementation, in this post I’ll keep looking at the Work E-mail Address attribute in the User Information List, but focus specifically on how the initial value in that field gets populated from different sources for different Authentication Provider Types. As with the fuller picture considered in the last post, this is a [...]
How SharePoint 2010 Finds and Updates a User’s Work E-mail Address
By Tristan Watkins On January 22, 2013 · Leave a Comment · In Authentication, Security, SharePoint, Windows
In the first part of this series about the SharePoint 2010 IRM implementation, I provided an overview of the technology and why we might use it to enhance SharePoint’s access controls. In this second article, I’ll look closely at the key piece of information that bridges the gap between SharePoint and a Rights Management Server - namely, a user’s e-mail address. RMS [...]
Protecting SharePoint 2010 with Information Rights Management
By Tristan Watkins On January 15, 2013 · Leave a Comment · In Authentication, Security, SharePoint, Windows
Overview
In recent weeks Information Rights Management (IRM) protections for SharePoint 2013 have received a fair amount of attention, as IRM is now configurable per-tenant, which brings the capabilities to SharePoint Online, supported by Windows Azure Active Directory Rights Management (AADRM). This is great, and I’ll have more to say about these new technologies, but [...]
Over the last year I’ve spent a decent chunk of my time shaping and delivering Identity and Access Management workshops for Office 365 projects at Content and Code. This is generally underpinned by Active Directory Federation Services v2.0 (ADFS). In fact I don’t think we’ve done a single Office 365 project [...]
In my last post, I described some of the security considerations that influence an administrator’s response to event log clutter generated by DCOM errors. There are known remedial steps for most of these errors, but the impact of fixing them is often poorly understood, so I tried to [...]
In a server administrator’s never-ending battle with log clutter, DCOM errors have proven to be some of the most persistent and poorly-understood events – especially with SharePoint. Our community has been building up remedial practices for the most common of these errors, but changes to the number and complexity of these fixes over the last [...]
On Twitter
My TweetsRecent Comments
- JohnLong on Adding Drivers to Windows Deployment Services Boot Images
- Boog on How to enable Lync audio within a Remote Desktop session
- Tristan Watkins on How to enable Lync audio within a Remote Desktop session
- Perl on How to enable Lync audio within a Remote Desktop session
- ShamrockSoft on No Lossless Audio With Zune
Categories
- Administrivia (1)
- Authentication (10)
- Business Continuity (2)
- Client applications (17)
- Consultancy and Design (17)
- Hardware (9)
- IT Management (12)
- Miscellaneous (5)
- Mobile (3)
- Networking (18)
- Office 365 Grid (3)
- Performance (26)
- Power (2)
- Security (20)
- SharePoint (76)
- Unified Communications (3)
- Virtualisation (30)
- Windows (53)
Tags
Active Directory administration Amazon Web Services ASUS binding BLOB Caching certificates Claims Cloud DCOM Dell development DNS EC2 Graphics Hyper-V IaaS ICS IIS Information Rights Management Intel IRM Lync NUMA PowerShell RMS SAML Search SEO Service Application SharePoint 2007 SharePoint 2010 SLAT STSADM Timer Job User Information User Profile Virtual Machine VMWare w3wp Windows 7 Windows Deployment Services Windows Server 2008 R2 WorkgroupArchives by Month
