One of the primary difficulties in directory integration is password synchronization. Most directories don't store clear passwords but rather a hash, or mathematical representation of a password that you can't easily trace back to the original password. Furthermore, a password is one of the rare attributes in a directory that is read-only, at least by general applications. Passwords are read-only because the only service that can actually read a password is the security service. Why is this point important? Because general directory synchronization services can't directly read passwords from most directories, and those directories that let synchronization services read them aren't secure enough to use as a master directory for password protection. Therefore, most directory synchronization options implement some form of redirection that intercepts password changes as administrators or users make them, then reflects those changes in the various directories the synchronization options integrate. Redirection requires administrative permission on all platforms for both the implementer and the directory-integration service. An example is Novell Directory Services (NDS) for NT, which replaces Windows NT's samsrv.dll and the SAM database on domain controllers to intercept password changes. The redirection problem is part of the wider security question surrounding system synchronization and the movement toward single sign-on (SSO). The primary problem is that if your synchronization or metadirectory solution is not secure, none of your managed directories can be secure.
Apple CEO Steve Jobs made the right move in skipping out on his company's last appearance at Macworld: In a Tuesday keynote address at the conference, Apple had no interesting new products to sell, opting instead to spend mind-numbing amounts of time on ...
Microsoft Learning Snack - Green IT Through Virtualization Many organizations face rising operating costs caused by excessive energy consumption. Virtualization and "Green IT" can help cut these costs. Get the information you need to bring Green IT savings to your business.
Order Your Fundamentals CD Today! Register today for your in-depth copy of one of three Fundamental CDs on the following topics – Exchange, SQL, and SharePoint.
Microsoft Learning Snack - Virtualization Basics With virtualization, computing components essentially become on-demand services, freeing each element of a system from the others. This short video explains the needs, benefits, and technologies behind virtualization.
Microsoft Learning Snack - Virtualization Basics With virtualization, computing components essentially become on-demand services, freeing each element of a system from the others. This short video explains the needs, benefits, and technologies behind virtualization.
Empower Your Processes with PowerShell 201 Paul Robichaux delves deep into PowerShell how-tos in 3 informative lessons, each followed by live Q&A—all on your own computer! Register today!
Microsoft Learning Snack - Green IT Through Virtualization Many organizations face rising operating costs caused by excessive energy consumption. Virtualization and "Green IT" can help cut these costs. Get the information you need to bring Green IT savings to your business.
New Release: Windows IT Pro Master CD 13 years of content archives, fast answers with advanced search tools, and full access to WindowsITPro.com—order today!
Register
