John Lan's Notes
Strongline Blogspot. Azure Entra Active directory GPO PowerShell Kerberos DNS PKI.
Read Strongline.blogspot.com news digest here: view the latest Strongline Blogspot articles and content updates right away or get to their most visited pages. Strongline.blogspot.com is not yet rated by Alexa and its traffic estimate is unavailable. It seems that Strongline Blogspot content is notably popular in USA. We haven’t detected security issues or inappropriate content on Strongline.blogspot.com and thus you can safely use it. Strongline.blogspot.com is hosted with Google LLC (United States) and its basic language is English.
Content verdict: Safe
Website availability: Live
Language: English
Last check:
-
N/A
Visitors daily -
N/A
Pageviews daily -
N/A
Google PR -
N/A
Alexa rank
Best pages on Strongline.blogspot.com
-
Strongline's AD/Windows Notes: escape apostrophe in ldap search filter in VBscript
objCommand.CommandText = _ "SELECT distinguishedName FROM 'LDAP://dc=strongline,dc=home' WHERE objectCategory='user' AND cn ='D''Arcy, Who'" REM ====>>>> use another apostrophe to escape one astro...
-
John Lan's Notes: Largest Delta? What is it?
Active directory GPO PowerShell VBscript Kerberos DNS KMS PKI DFS
-
Strongline's AD/Windows Notes Jun 15, 2016 Assumption #2: audit is enabled on the obejct you want to track ( SACL entries) run "repadm /showobjmeta DCName DN_of_object" Check the change time and orig...
Strongline.blogspot.com news digest
-
1 year
How AD decides Kerberos encryption type per user/computer basis
Supposed that there is no GPO to enforce supported ciphers, on a per principal basis, it is determined as below:
If msDS-SupportedEncryptedTypes is populated, then use values defined in this attribute. It's a 5-bit flag
bit 0 DES-CBC-CRC -
1 year
Decentralized Identity (DID) - Verifiable Credential - Microsoft Verified ID
Traditional IDs are issued/owned by IdPs. From user's perspective, these IDs among different IdPs can be inconsistent, hard to maintain, and there is no guarantee of privacy, control, etc.
Decentralized ID lets a user owns his/her ID. Any other entity can then add claims to DID. For example, an employer can add employment claim to its employees' DIDs. Therefore, traditional IdPs no longer own IDs, they either become irrelevant to a person... -
1 year
General steps
Set up an on-premise AD with forest name johnfoo.tk
get a free domain from freenom (johnfoo.tk) -
1 year
Create a split-DNS for AD forest with same AD-domain name and DNS-domain name
This is useful for a lab environment where you have an AD forest uses same domain name AD-wise and DNS-wise
Set up
domain name: foo.bar
Domain history
| Web host: | Google LLC |
| Registrar: | MarkMonitor Inc. |
| Registrant: | Google LLC |
| Updated: | August 02, 2024 |
| Expires: | July 31, 2025 |
| Created: | July 31, 2000 |
Whois record
Safety scores
Trustworthiness
N/AChild safety
N/A
