Re: w2k AD security question

From: yannacci (yannacci.12322b_at_mail.mcse.ms)
Date: 02/23/04


Date: Mon, 23 Feb 2004 07:21:24 -0600


Roland,

Thank you for your response. So it really isn't a security issue at
all then. If I am correct, all the AD is doing is giving a "yes or no"
answer to the login information that is provided by the script instead
of requesting authentication to access resources etc. Would you agree?
Thanks.

Ken

Roland Hall wrote:
> "yannacci" wrote:
> : One of the programmers at my office wrote an application that queries
> : the AD for username and password info. To the best of my understanding
> : the user goes to a website, enters their login information, and the
> : information is checked against their AD user account. The security
> : problem here is that it doesn't lock the user out after three invalid
> : passwords. Am I missing something here? In my opinion, this seems
> : like a pretty serious security flaw. Thanks.
>
> If the script is only obtaining the information from AD and not trying to
> authenticate, then the issue is with your developer. If the security
> settings are used properly, then the request will be passed to AD and
> returned and your policies will be enforced.
>
> --
> Roland Hall
> /* This information is distributed in the hope that it will be useful, but
> without any warranty; without even the implied warranty of merchantability
> or fitness for a particular purpose. */
> Online Support for IT Professionals - http://tinyurl.com/233aa
> How-to: Windows 2000 DNS: http://tinyurl.com/2w96b

--
yannacci
------------------------------------------------------------------------
Posted via http://www.mcse.ms
------------------------------------------------------------------------
View this thread: http://www.mcse.ms/message415866.html
 

