I am writing about that PKI stuff again. I am running out of ideas for catchy introductions. So, here is a new post with old code! In Active Directory a UPN is mapped to a user automatically if it matches a user's LDAP attribute userPrincipalName (and a DNS SAN is mapped to dnsHostName). A Windows … Continue reading How to Add a Subject Alternative Name Safely
You can parse the binary blobs that represent certificates stored in the Windows registry with certutil correctly, even when the Windows Explorer / GUI tells you that this is not a certificate. certutil seems to be able to handle / ignore meta data better. Once upon a time I played with the machine Ethereal provided by … Continue reading Parse Certificates Stored in the Windows Registry
Some public key infrastructures run quietly in the background since years. They are half forgotten until the life of a signed file has come to an end - but then everything is on fire. In contrast to other seemingly important deadlines (Management needs this until XY or the world will come to an end!) this … Continue reading Certificates and PKI. The Prequel.
These are just some boring update notifications from the elkemental Webiverse. The elkement blog has recently celebrated its fifth anniversary, and the punktwissen blog will turn five in December. Time to celebrate this - with new domain names that says exactly what these sites are - the 'elkement.blog' and the 'punktwissen.blog' (Edit: which now - … Continue reading Other People Have Lives – I Have Domains
This post has originally been published to my other / 'archive' website in 2014, first as a PDF, later converted to a HTML article. I am publishing it here on my WordPress blog in April 2022, using its original publication date - as it predates most of the other articles in my PKI UPN AD … Continue reading Automatic Mapping of Logon Certificates to Users in Active Directory
[Jump to technical stuff] Some clichés are true. One I found confirmed often is about how technologies are adopted within organizations: One manager meets another manager at a conference / business meeting / CIO event. Manager X show off the latest gadget and/or brags about presents a case-study of successful implementation of Y. Another manager … Continue reading Diffusion of iTechnology in Corporations (or: Certificates for iPhones)
An e-mail discussion related to my recent post on IT security has motivated me to ponder about issues with Public Key Infrastructure once more. So I attempt - most likely in vain - to merge a pop-sci introduction to certificates with sort of an attachment to said e-mail discussion. So this post might be opaque … Continue reading The Strange World of Public Key Infrastructure and Certificates