Active Directory Cookbook Blog

Article: Department of Indian and Northern Affairs gets proactive with Active Directory 

This article talks about how the Department of Indian and Northern Affairs (INAC) used NetPro's ChangeAuditor to track and audit changes in Active Directory.

Article: 3 Questions: Virtual Directories Simplify Identity Management 

Clayton Donley, CTO and founder of OctetString, answers a few questions about Virtual Directories.

Article: Microsoft prepares move on ID management 

"Microsoft is working on restructuring its identity management platform, adding services directly into the operating system with an eye toward lessening users' current integration chores.

The biggest additions would be folding Microsoft's Identity Integration Server (MIIS) - a separate product and cornerstone for Microsoft's identity platform - into Windows to add services such as provisioning and password management. The operating system already includes Active Directory, another foundation of Microsoft's identity platform.

The sources said Microsoft was developing new workflow technology for the operating system that would be used to orchestrate the provisioning and other identity services across multiple systems."
Continue at source.

Centrify in the News 

Startup Extends Active Directory to Linux Systems
Centrify DirectControl Suite Becomes First Solution that Extends Active Directory to Unix/Linux Environments to be Certified for Microsoft Windows 2003
Centrify Signs on as Gold Sponsor of Directory Experts Conference 2005

Article: Directory services -- not your father's LDAP 

This short article provides a brief overview of the current state of the Directory Services/LDAP market.

Article: Microsoft Preps a Unified ID Management Suite 

"Microsoft is working to integrate its various identity-management wares into a unified platform, upon which it will encourage third-party developers to build, according to partner sources.

It's not clear whether Microsoft will use this week's RSA conference in San Francisco to take the wraps off the new ID-management suite. Regardless, the company is moving full steam ahead to integrate a number of its existing Windows Server applications into such a platform, partners said."
Continue at source.

Mac OS X 10.3.8 released via Software Update 

The latest release includes an AD fix: "Addresses an issue that could prevent clients using the Active Directory plugin from binding to their Active Directory server."
Continue at source.

Socialtext Workspace 1.5 Adds Enterprise and Web Service Integration to Wiki 

Socialtext now integrates with AD. Read on for more information.

Article: Real-World GPMC Troubleshooting 

"With nearly 1,000 settings available in Windows Server 2003 Group Policy, troubleshooting is a burdensome and often frustrating experience for administrators. The most frequent problem—by far—for group policy application is failure of the policy to work as expected."
Continue at source.

Article: (Almost) Painless Schema Mods 

"You might want to take a few precautionary steps prior to initiating [Exchange Server 2003] ADPREP."
Continue at source.

Centrify Releases DirectControl; Extends Microsoft Active Directory to Easily Manage and Secure Linux/Unix and Java Identities 

"Centrify Corporation today (Feb 7th) announced the general availability of DirectControl(TM), an integrated identity, access and policy management solution that comprehensively extends the capabilities of Microsoft(R) Active Directory(R) for mixed Microsoft Windows(R), UNIX(R) and Linux(R) environments and Java(TM) and web-based applications. Using DirectControl software, administrators can reduce the administrative costs associated with user account management, strengthen security throughout their organization and improve user productivity through the streamlined consolidation of multiple user IDs -- all via a seamlessly integrated solution that does not require intrusive changes to either a customer's Active Directory environment or Unix/Linux environment."
Continue at source.

Jackson Shaw, Former Microsoft Identity and Access Management Product Manager, Joins Vintela as V.P. of Product Management 

"Vintela [...] today announced the hiring of Jackson Shaw as the company's vice president of product management. Shaw joins Vintela while moving from his position as part of the Identity and Access Management marketing team for the Windows Server Marketing group at Microsoft Corp."
Continue at source.

Article: Making Microsoft Support Linux: Centrify To Compete with Vintela 

"Centrify, which was started 10 months ago by Tom Kemp, the co-founder of hotshot security management house NetIQ, is about to come out from under the covers and expects to compete with Netegrity and Oblix as well as Vintela for the identity and access management crown mindful of the fact that identity management is a top security challenge for the IT establishment these days"

"It's got software - called the Centrify DirectControl suite - that makes Microsoft's Active Directory (AD) cross-platform and seamlessly extends real-time AD authorization, authentication and Group Policy capabilities to Linux and Unix as well as J2EE and applications servers such as Apache and JBoss.

It will reportedly make them all live in a happy nirvana of single sign-on by centralizing all user accounts in Active Directory, and strengthen security by enforcing global password policies and eliminating orphan accounts.

It says it's the only company that can do this."
Continue at source.

Javelina Software Announces the Release of ADtoolkit v3.0 

"Javelina Software, LLC, today announced the release of ADtoolkit v3.0. ADtoolkit ensures simplified, expedient management of tasks essential to the administration of Active Directory (AD) and now includes a new set of tools designed to easily move in bulk, users, groups, contacts and computer accounts within Active Directory Organizational Units. In addition ADtoolkit v3.0 includes many customer requested enhancements that expand the capability of the current tools."

"ADtoolkit’s new move tools will arm Active Directory administrators with the ability to keep up with the changes that occur every day in business. Administrators will not need to spend extra time writing extensive scripts to keep up with these changes.
In addition to the new move tools in ADtoolkit v3.0, there are many enhancements to the current tools that are also customer driven. One of these new features is the ability to copy information from the report output screens and paste it into the other ADtoolkit tools, such as Modify User. For example, by generating a report of a list of soon to expire users, admins can right click to copy the resulting list of user names, and then paste it directly into the grid on the Modify Users tool. Simply set a new expiration date, and run the tool to quickly make changes to the entire list."
Continue at source.

Article: Fazam GPAnywhere version 1.6: Get into Group Policy 

Here is a detailed product review of Fazam's latest GPAnywhere release.

Article: Windows Server 2003 Domain Renaming with Exchange Server 2003 

Tony Redmond's latest article describes Windows Server 2003 Domain Renaming with Exchange Server 2003.

NetPro’s Directory Experts Conference 2005 to Showcase Leading Industry Analysts 

The speaker lineup for DEC 2005 continues to grow. I wish I could be there.

Article: Sun, Microsoft Breaking SOA Barriers 

More chatter about the Sun/Microsoft partnership. This has to be one of the most hyped partnerships of all time in the high-tech field. Let's just hope something eventually comes from it.

UDDI - Who cares?  

Recently, OASIS ratified a new set of UDDI standards. My reaction: Who cares. For those that don't know what UDDI is:
"The Universal Description, Discovery and Integration (UDDI) specifications define a registry service for Web services and for other electronic and non-electronic services. A UDDI registry service is a Web service that manages information about service providers, service implementations, and service metadata. Service providers can use UDDI to advertise the services they offer. Service consumers can use UDDI to discover services that suit their requirements and to obtain the service metadata needed to consume those services."

In my opinion, UDDI is either pointless (mostly) or ahead of its time. The one thing I can tell you is that its time is not now; just like it wasn't a few years ago when UDDI first came out. Everyone was touting UDDI as the great panacea for how enterprises and organizations will automatically publish and discover one another's web services. I just don't think that is realistic. Let's take the enterprise example. Most groups develop apps for their use only; they don't develop interoperable apps. And if they did and there was another group that was interested in using their APIs, they wouldn't look them up in some directory, they'd go directly to the source. Even if you did want a listing of all the public web services in an org, you could put up a simple web page. I don't see the demand being strong enough to warrant a separate infrastructure. The other major problem with sharing anything within an enterprise is that when the owners of the components change something, they don't want to notify everyone that is using their component so they usually don't, and things break (hence one of the major reasons people don't like to share). And don't tell me versioning solves the problem because it doesn't.

The reason I said it could be ahead of its time is because really, UDDI should be the solution. If enterprises were more organized about development, UDDI could help solve the sharing problem. So in cases where you have groups within an enterprise that are highly motivated to share or multiple external organizations that are highly motivated to share, UDDI *might* be a good way to track the available web services. I'd love to see some non-trivial examples of how UDDI worked well. The "Discovery" part of UDDI I really don't get and don't see a practical use for.

More open standards or not, my crystal ball says I'll be saying I told you so about UDDI in another 3 years. That's not to say there won't be some pockets of implementations, but I'm talking on a large scale; I can't see it happening. And this is to say nothing of the underlying technology behind UDDI. This is more of a people and process issue. If you think I'm way off base, I'd love to hear from you; shoot me an email.
