Security and Identity in the Cloud

Cloud Identity Blog is my way to discuss, show and share information about different technology topics, mainly in the Security, Identity and Access Management areas.

Browse by Tags

Related Posts
  • Blog Post: Windows Server 2008 Terminal Services gateway #3

    Client Side Configuration to access remote TS Server via TS Gateway Windows Vista Remote Desktop Connection client has new option under Advanced Tab - "Connect from anywhere" If you click on the Settings button it will allow to specify the TS Gateway server: Server name that you type here...
  • Blog Post: The FIM Experience–Exercise 1

    Here is the recording of the first lab exercise from the Implementing Forefront Identity Manager 2010 training. In this exercise we are going to edit user identity data and observe the effect on other connected systems. Please watch this video in Full screen and in HD for higher quality and better user...
  • Blog Post: Claims based Authentication – Part II

    In previous post we started examination of the authentication process in our demo environment. Lets examine what happens in step 5 of the step-step guide. During this step Contoso STS was configured to work with Fabrikam STS. There were three primary steps in this process: Add Fabrikam STS as Identity...
  • Blog Post: FIM CM and Custom Subject Policy Module

    Forefront Identity Manager Certificate Management (FIM CM) provides very useful function – it can create certificate with predefined subject, specified by the Administrator and enforced centrally on all certificates issued via FIM CM. Most PKI implementations are governed by Certificate Policy (CP) and...
  • Blog Post: Token Policy and STS

    If you are familiar with PKI projects you are probably know about Certificate Policy (CP) and Certificate Practice Statements (CPS). Both based on published RFC and usually required in most PKI implementations. CP specify the policy for PKI and CPS specifies how this policy is implemented by each CA...
  • Blog Post: Windows 2008 Terminal Services Gateway

    One of the new exciting technologies that will be shipped with Windows 2008 Server is the Terminal Services Gateway. It is exciting not just because it will be used by many companies but because it can be used by many other technologists and make our life a little easier and more exciting. I like...
  • Blog Post: Claims Based Authentication – Part III

    This is continuation of two previous posts. Please check them out first, otherwise this one might not make much sense at all. Step 6 in step-step guide configures Fabrikam STS with Relying Party and shows how to configure Information Cards to automate home realm discovery. I’m not going to talk about...
  • Blog Post: Windows Server 2008 Terminal Services Gateway #2

    Configuration of the Terminal Services Gateway is fairly straightforward. The following diagram shows the simplified configuration of how I configured it to get access to my home lab. Windows 2008 provides wizards for all of it different components and the configuration of Terminal...
  • Blog Post: The FIM Experience–Exercise 2 and 3–Video Demonstration

    This is a continuation of the first lab from the Implementing Forefront Identity Manager 2010 training. You can watch the first part of the lab here . In this demonstration we are going to perform the following tasks: Add new users and examine group memberships Add full-time employee Add a contractor...
  • Blog Post: Claim Based Authentication IV

    In previous three posts we examined how claim authentication flow works for users in the same domain as SharePoint site and for users from other organizations. As we have seen, the value for Role claim was based on the Active Directory group membership. For instance, Frank Miller from Fabrikam was given...
  • Blog Post: PKI Installation Made Easy–Video

    Ever wonder how difficult it is to install a two tier PKI system? It is actually not that difficult. Watch this video with live step-by-step demonstration showing how to do just that. Entire system can be up and running in under one hour time frame. This is about 70 minutes video presentation showing...
  • Blog Post: The FIM Experience–Exercise 4–Video Demonstration

    This is a continuation of the first lab from the Implementing Forefront Identity Manager 2010 training. Before watching this demonstration it might be helpful to watch the prior two demonstrations, but not required. In this demonstration we are going to perform the following tasks: Log on to Windows...
  • Blog Post: Levels of Assurance and Claims-based authentication

      Federal Agencies must comply with OMB 04-04 publication. There is an established framework asserting different levels of assurance for digital identities, such as user accounts/passwords, Smart Cards and other types of tokens. Claims-based authentication solutions must support the proper assertion...
  • Blog Post: TS Gateway #4

    Server side configuration In previous 3 postings I talked about why I liked TS gateway, the overall architecture for configuring TS Gateway in home lab environment and the client side configuration. This time I'll show a few screen shots of the TS Gateway configuration. The configuration is very...
  • Blog Post: Claims based Authentication - Part I

    Claims based authentication is getting more ground and with more practical applications we’ll see more and more adoption of this technology. Recently I downloaded and went through step-step demonstration on using Microsoft Office SharePoint Server 2007 and Active Directory Federation Services v2 (ADFS...
  • Blog Post: Live and Learn

    Learned a few little tidy bits this week, or maybe relearned what was known before. But some of it was painful discovery. I was building a lab with multiple physical servers and one big virtual server host. One of the virtual guests is TMG 2010 which is used in this lab as firewall/router between multiple...
  • Blog Post: Cool Windows 2008 posters

    cool posters for download, check it out: http://www.microsoft.com/downloads/details.aspx?FamilyID=c2b9e44e-0bbd-47cb-bc09-b3d48be7f867&displaylang=en