Archive

Author Archive

Interesting FIM2010 R2 webinars coming up

Mon 15 Apr 2013

Title: FIM 2010 R2's Attestation Module
Presented by: Randy Wiemer, Oxford Computer Group Principal Architect
Channel: Identity & Access Management
Live on: Apr 18 2013 8:00 pm

https://www.brighttalk.com/webcast/8503/71687

Title: FIM 2010 R2's Analytics Module
Presented by: Rob de Jong, Microsoft
Channel: Identity & Access Management
Live on: May 16 2013 8:00 pm

https://www.brighttalk.com/webcast/8503/71689

Check the Identity & Access Management channel on BrightTalk: https://www.brighttalk.com/community/it-security/channel/8503

Categories: Security

ECMA 2.2, PowerShell, SharePoint User Profile and Generic LDAP Connector Beta available on Connect

Fri 29 Mar 2013

Source: https://connect.microsoft.com/site433/Downloads/DownloadDetails.aspx?DownloadID=48615

The FIM Product Group has released a new version of ECMA2, one new Connector and an update to two Connectors on Connect for pre-release evaluation.

A new release of the Sync Engine is available on Connect and it has ECMA 2.2 in it. These are the new features:

- An ECMA2 Connector can be initiated and can run outside the sync engine. It is now possible to do a test-driven implementation where you create all unit tests for your Connector in Visual Studio and test your Connector without even having a Sync Engine. You can also debug the Connector without having a Sync Engine present.

- A new capabilities page, with the capabilities called later in the flow. It is now possible to ask the user for information, connect to the target directory, and use that information for the Connector’s capabilities.

- Added support for DN as anchor for LDAP-based directories, and for not providing the object type for update/delete operations in delta import.

There is also a new Connector:

- PowerShell. This is the MCS Connector the PG took back and productized. Some of the features mentioned above for ECMA 2.2 were added to make this Connector easier to use.

The PG also refreshed some Connectors based on feedback from our previous pre-release:

- SharePoint User Profile Connector will allow you to connect to the user profile store in SharePoint. This will simplify integrations for multi-forest and non-AD directories.

- The Generic LDAP Connector is intended for connectivity with Open LDAP directories.

The PG team is also looking for customers who would be interested in testing these Connectors in a production environment.
These customers will get access to the Volume License version of FIM.

(If interested, send me an email at peter(at)fim2010.com)

Make sure you have signed up for the program “Forefront Identity Manager 2010” – “FIM Synchronization Service Connectors Pre-release” on Connect. Even if you had access to a previous FIM2010 connect program, you need to add yourself to the Connectors program.

You can then find the download here: https://connect.microsoft.com/site433/Downloads/DownloadDetails.aspx?DownloadID=48615

Categories: Security

Security Compliance Manager 3.0 now available for download!

Wed 6 Feb 2013

From:
- http://blogs.technet.com/b/secguide/archive/2013/02/05/secure-your-environment-with-scm-3-0.aspx
- http://technet.microsoft.com/en-us/solutionaccelerators/cc835245.aspx

The Solution Accelerators Security Team at Microsoft is pleased to announce that the latest version of the Microsoft Security Compliance Manager (SCM) – Version 3.0 – is released and available for download!

In addition to key features from the previous version, SCM 3.0 offers new baselines for Windows Server 2012, Windows 8, and Internet Explorer 10! SCM enables you to quickly configure and manage computers and your private cloud using Group Policy and Microsoft System Center Configuration Manager.

SCM 3.0 provides ready-to-deploy policies and DCM configuration packs based on Microsoft Security Guide recommendations and industry best practices, allowing you to easily manage configuration drift, and address compliance requirements for Windows operating systems and Microsoft applications.

Download SCM 3.0 Now!

Thank you for your continued interest in Security Compliance Manager.

For more information on Security Compliance Manager and to be involved in discussions, please use the following resources:

Categories: Security

Forefront Identity Manager (FIM) 2010 R2 SP1 officially announced

Fri 1 Feb 2013

Yesterday Microsoft officially announced the release of Forefront Identity Manager (FIM) 2010 R2 SP1.

Want an overview of the media coverage?

As mentioned in the server & cloud blog

Links and Downloads

Categories: Security

New Wiki article: Troubleshooting FIM: GALSync stopped-server on ADMA export

Fri 25 Jan 2013

Source: http://social.technet.microsoft.com/wiki/contents/articles/15526.troubleshooting-fim-galsync-stopped-server-on-adma-export.aspx

As it’s a Wiki, feel free to contribute to this article!

Here’s what I started with…

Problem statement

GALSync configuration halts on execution of the export on the AD MA.
FIM throws an error “stopped-server” on export.

Symptoms

Event Viewer

Log Name:      Application
Source:        Application Error
Date:          1/17/2013 9:38:58 PM
Event ID:      1000
Task Category: (100)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      FIMServer.domain.local
Description:
Faulting application name: mmsscrpt.exe, version: 4.1.3114.0, time stamp: 0x50ad5a10
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x0000000000053fcc
Faulting process id: 0x568
Faulting application start time: 0x01cdf4ea0fdebb1d
Faulting application path: C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\Bin\mmsscrpt.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 88bd4904-60dd-11e2-b03f-005056910162
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error"/>
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2013-01-01T00:00:00.000000000Z"/>
<EventRecordID>1531</EventRecordID>
<Channel>Application</Channel>
<Computer>FIMServer.domain.local</Computer>
<Security/>
</System>
<EventData>
<Data></Data>
<Data>4.1.3114.0</Data>
<Data>50ad5a10</Data>
<Data>ntdll.dll</Data>
<Data>6.1.7601.17725</Data>
<Data>4ec4aa8e</Data>
<Data>c0000005</Data>
<Data>0000000000053fcc</Data>
<Data>568</Data>
<Data>01cdf4ea0fdebb1d</Data>
<Data>C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\Bin\mmsscrpt.exe</Data>
<Data>C:\Windows\SYSTEM32\ntdll.dll</Data>
<Data>88bd4904-60dd-11e2-b03f-005056910162</Data>
</EventData>
</Event>

Troubleshooting Steps

Uncheck Exchange provisioning on the ADMA and see if the export then works.
Then try to test the RPS URI from the FIM server in PowerShell.
If it doesn’t work, there is an issue with the RPS URI.

Resolution

  1. Check the RPS URI configuration: use the FQDN instead of the simple server name, e.g. replace http://exchsvr/powershell with
    http://exchsvr.mycompany.com/powershell.
  2. Check that the RPS URI can be reached.
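
The RPS URI check from the troubleshooting steps and resolution above, as an added PowerShell example that is not part of the original wiki article. The function name Test-RpsUri and the use of Kerberos authentication are assumptions; the URI is the article's own sample value.

```powershell
# Added example: checks an Exchange remote PowerShell (RPS) URI from the FIM server.
# Test-RpsUri is a hypothetical helper name; Kerberos authentication is an assumption.
function Test-RpsUri {
    param([Parameter(Mandatory = $true)][string]$RpsUri)

    $uri = [System.Uri]$RpsUri
    $result = New-Object PSObject -Property @{
        Uri = $RpsUri; IsFqdn = $false; Resolves = $false
        PortOpen = $false; SessionOk = $false; Error = $null
    }

    # Resolution step 1: the host part should be an FQDN, not a simple server name.
    $result.IsFqdn = $uri.Host.Contains('.')

    try {
        # Resolution step 2a: the host name must resolve from the FIM server.
        [void][System.Net.Dns]::GetHostEntry($uri.Host)
        $result.Resolves = $true

        # Resolution step 2b: the port in the URI must accept a TCP connection.
        $tcp = New-Object System.Net.Sockets.TcpClient
        try { $tcp.Connect($uri.Host, $uri.Port); $result.PortOpen = $tcp.Connected }
        finally { $tcp.Close() }

        # Resolution step 2c: open and close a real Exchange remote session.
        $session = New-PSSession -ConfigurationName Microsoft.Exchange `
            -ConnectionUri $RpsUri -Authentication Kerberos -ErrorAction Stop
        $result.SessionOk = $true
        Remove-PSSession $session
    }
    catch {
        # The first failing stage ends the test; its message is kept for diagnosis.
        $result.Error = $_.Exception.Message
    }
    $result
}

# Sample value taken from the article; replace with the URI configured on the AD MA.
Test-RpsUri -RpsUri 'http://exchsvr.mycompany.com/powershell'
```

Running it under the same account the AD MA connects with makes the session check representative of what the export does.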

See Also

Categories: Security

New book about Unified Remote Access 2012 is out!

Thu 3 Jan 2013

My MS colleague Erez Ben-Ari has published a new book on Unified Remote Access with Windows Server 2012.
A must have!

Source: http://blogs.technet.com/b/ben/archive/2012/12/27/the-new-book-about-unified-remote-access-2012-is-finally-out.aspx

Book available at: http://www.packtpub.com/windows-server-2012-unified-remote-access-planning-and-deployment/book

Categories: Security

Packt Publishing: Seasonal eBook Offer – Buy 2 or more for $5 each (Offer extended to 4th Jan!!)

Thu 3 Jan 2013

To celebrate the festive season, Packt announced a special eBook offer.

As the offer has been extended to Friday 4th Jan 2013 (tomorrow), quickly surf to: http://tinyurl.com/7fe7946

“All [yes, ALL] Packt eBooks are on offer now for $5 | €4 | £3 |  AUS$5 each when you buy 2 or more.
Just add the eBooks into your cart and when you have chosen 2 or more eBooks, you’ll  get each for $5 per copy when you checkout.

This offer is available until Friday 4th Jan 2013.

Packt eBooks are flexible and easy to use on any reader:

  • Download any version, any time, from your account on www.packtpub.com
  • Available PDF, ePub [Android, Kobo], Mobi [Kindle]
  • You can email it right onto your Kindle from your account
  • No DRM, meaning you can copy to any device, as often as you like
  • You can print, and copy and paste from the eBook directly.”

My suggestions to get started in 2013:

1. Microsoft Forefront Identity Manager 2010 R2 Handbook :
http://www.packtpub.com/microsoft-forefront-identity-manager-2010-r2-handbook/book

2.  Freshly published: Windows Server 2012 Unified Remote Access Planning and Deployment
http://www.packtpub.com/windows-server-2012-unified-remote-access-planning-and-deployment/book

3. Microsoft Forefront UAG 2010 Administrator’s Handbook
http://www.packtpub.com/microsoft-forefront-uag-2010-administrators-handbook-raw/book

4. Mastering Microsoft Forefront UAG 2010 Customization
http://www.packtpub.com/mastering-microsoft-forefront-uag-2010-customization/book

Happy reading!

Categories: Security

Did the Belgian Railways (NMBS/SNCB) leak your data?

Wed 2 Jan 2013

First of all, a happy New Year and best wishes for 2013 to all of you.

Although, ‘happy’ … ‘a more secure New Year’ would be a better wish.
In that sense, 2012 ended with some bad news.
Last week (22/12/2012) a data leak on the NMBS/SNCB data website was uncovered.
Possibly 1.5M customers of the NMBS/SNCB have been exposed on the internet for weeks.

As 1.5M records have been exposed (with 10M Belgian citizens), the chances are high that YOU are impacted.

Meanwhile on Twitter, it has become known as NMBSGate or SNCBGate.
Check Twitter for it:
- https://twitter.com/search?q=%23NMBSgate&src=hash
- https://twitter.com/search?q=%23SNCBgate&src=hash

Please check the following articles.

Belgian rail firm SNCB Europe sees 1.5m customer details leaked, but fails to take responsibility
http://thenextweb.com/insider/2012/12/24/belgian-rail-firm-sncb-europe-sees-1-5m-customer-details-leaked-but-fails-to-take-responsibility/

An analysis of the leaked personal data of 1.5 million @SNCBEurope customers
http://storify.com/xdamman/sncbgate-nmbsgate

(FR) Post-mortem: LA SNCB met en ligne les coordonnées de 1.400.000 clients
http://patrick.vande-walle.eu/belgium/post-mortem-la-sncb-met-en-ligne-les-coordonnees-de-1-400-000-clients/

(FR) La SNCB divulgue les coordonnées privées de ses clients sur internet
http://www.lesoir.be/143379/article/actualite/belgique/2012-12-24/sncb-divulgue-coordonn%C3%A9es-priv%C3%A9es-ses-clients-sur-internet

(NL) Controleer of uw gegevens ook gelekt werden door de NMBS
http://www.standaard.be/artikel/detail.aspx?artikelid=DMF20130101_017

And also check: http://sncb.fredericjacobs.com/
(If the site hasn’t been taken offline meanwhile or overloaded due to response…)

Some of us have a very common name in Belgium and have a name-look-alike or duplicate that used the SNCB/NMBS services….

What does it mean?
Your personal data, like mail address, phone numbers and login, are compromised, which means you can get more spam, phishing, vishing, and false or fake registrations. And if your mail address can be linked with another leaked website that lost ID/password info, you could be in trouble.

You’ve been exposed?
The best you can do is to file a complaint with the Privacy Commission.

You can file it in French or Dutch.

Change your password right now and change it frequently.
Change your credentials, logon, passwords, e-mail address.

Don’t use the same logon, mail address and password for different websites.

Only put personal information if really, strictly necessary.

In some cases you should even consider using dummy data.

More sources:
- Belsec: http://belsec.skynetblogs.be/archive/2013/01/01/check-if-you-have-lost-some-information-in-the-sncb-nmbs-dat.html
- Belsec: http://belsec.skynetblogs.be/archive/2012/12/31/nmbs-sncb-1-5-million-dataleak-not-the-first-time.html
- Storify: http://storify.com/xdamman/sncbgate-nmbsgate
- Standaard.be: http://www.standaard.be/artikel/detail.aspx?artikelid=DMF20130101_017
- SNCB Leak check: http://sncb.fredericjacobs.com/

Categories: Security

5 Feb 2013 – Safer internet trainings by Microsoft and Belgacom

Wed 19 Dec 2012

On 5 February, Belgacom, Microsoft and Child Focus are once again organizing “safer internet trainings”.

This initiative is part of a volunteer programme for employees of Belgacom and Microsoft.

These safe internet courses are aimed at pupils in the 4th, 5th and 6th grades.

Register your school at: http://www.safer-internettrainings.be/School

www.microsoft.be/citizenship

www.belgacom.com/responsibility

www.childfocus.be

www.clicksafe.be

Categories: Security

Packt Publishing celebrating – get your gift

Fri 21 Sep 2012

As you know, Kent Nordstrom recently published a FIM book that I reviewed (see here for my blog post on that).

Now, the publisher Packt Publishing is about to reach its 1000th title and they are celebrating.

They wish to celebrate this occasion with you.

They have a gift for you and the rest of their readers.
But these gifts will only be revealed between 28th and 30th September, as that’s when their 1000th title gets unveiled.
The gifts are valid for only those readers who are currently registered on their website, and those who sign up for an account before 30th September.

So, get a look at their invitation.

BTW, check out these favorites of mine:

- Microsoft Forefront Identity Manager 2010 R2 Handbook

- Microsoft Forefront UAG 2010 Administrator’s Handbook

- Mastering Microsoft Forefront UAG 2010 Customization

Categories: Security