Supportability and Vista UAC

Supportability is a topic near and dear to my heart.  Vista has made great leaps and bounds in this area  with more logging than any prior OS, as well as a great help file and improved errors.  However, the other day I was playing with Vista’s UAC features and manifests and noticed an error which doesnt…

7

Don’t do this with Vista GPO’s …

  Bad things will happen.   In vista there is a GPO called “Display information about previous logons during user logon” Beware setting this in your environment.   If you configure this as a domain based policy you will no longer be able to logon as a domain user. You will see the following error:…

0

Configuring and Troubleshooting Certificate Services Client–Credential Roaming ( DIMS )

Here it is finally…  ( note , I did not write this ) Whitepaper  Configuring and Troubleshooting Certificate Services Client–Credential Roaming… http://www.microsoft.com/technet/security/guidance/cryptographyetc/client-credential-roaming/terminology-assumptions.mspx  Should answer a lot of the questions I got in response to my previous posts on DIMS ( Credential Roaming ) which is built into XP. A few notes – it wont work…

0

Live for the mobile platform is awesome…

Check it out. http://ideas.live.com/programPage.aspx?versionId=83ced24d-3b97-412b-9a9a-22a5c2282bfd I was a bit skeptical of the performance or level of detail, but after I loaded it up on my 8525, this thing is amazing – fast, accurate and   easily accessible. Very intuitive, very nice work guys. Clearly a well thought out mobile app.    spatdsg  

0

All that is Bitlocker

Clearly plagiarism by me …  Bitlocker bookmarks to have handy    BitLocker Step by Step information http://www.microsoft.com/technet/windowsvista/library/c61f2a12-8ae6-4957-b031-97b4d762cf31.mspx     Public BitLocker Documents Windows BitLocker Drive Encryption Step-by-Step Guide         http://www.microsoft.com/technet/windowsvista/library/c61f2a12-8ae6-4957-b031-97b4d762cf31.mspx Windows Vista Trusted Platform Module Services Step by Step Guide  http://www.microsoft.com/technet/windowsvista/library/29201194-5e2b-46d0-9c77-d17c25c56af3.mspx BitLocker Executive Overview  http://www.microsoft.com/technet/windowsvista/security/bitlockr.mspx A Technical review of BitLocker Drive Encryption http://www.microsoft.com/technet/windowsvista/security/bitlockr.mspx Best Practices…

0

DFS and Bridge all Site Links..

Another bookmark for myself and an FYI for readers. You may have missed this post from our excellent DFS\R team’s blog. http://blogs.technet.com/filecab/archive/2006/09/20/456318.aspx Key point:  When the forest functional level is Windows Server 2003 or Windows Server 2003 interim and the ISTG in a site is running Windows Server 2003 with SP1, you can use a site option to turn off automatic…

3

Smartcard logon over Terminal Services ( RDP redirection )

In a recent post I outlined a number of ‘challenges’ to implementing smartcards.   I also asked about people who were hitting slow logons after implementing smartcards. Well I had a few responses as well as some interest in how RDP redirection works in general.     When a user logs on to a machine…

46

Smart Card Development Article in MSDN Magazine

Since I am on a SC kick lately…. ( and cant seem to get away from it ) Should be an interesting  article… http://jwsecure.com/dan/2006/10/ spatdsg     

0

Random bookmarks for myself

Interesting that I put bookmarks here – but my browser bookmarks are so full of stuff I cant find anything .. my fav search engine and this blog allow for me to find them easier.. Maybe IE should rethink its way it manages BM’s? Or maybe I should.. Anyway..   WID dev resources: http://msdn.microsoft.com/en-us/library/ee517290.aspx – This…

2

Smartcards and cached logons…

Smartcards and cached credentials.   Scenario – large customer using a smartcard client from vendor XYZ.   When a user was online ( plugged into the network ) and would logon to the domain via smartcard it would not cache the credentials. If they tried to logon offline using Smartcard cached creds – it would…

3