Kerberos – a guide

There are many guides out there on how to implement Kerberos for application x-y-x.

But there are surprisingly few going into some of details that are important for the understanding what you are doing exactly.

So with this article I am going to hopefully help you understand how Kerberos works in a general sense, and that is not as difficult to implement as you might think (as long as you have the all the pieces of the puzzle).

Continue reading Kerberos – a guide

DFS domain name resolution headaches

EDIT!: An update to this six months later….

So here is a quick one; ever had issues with DFS (Distributed File System) share being unable to resolve their name properly at seemingly random times?

If the answer is yes, here is a quick solution to test:
Try appending a “.” (dot) at the end of the fully qualified domain.
So \\anitblog.no\DFSRoot would become \\anitblog.no.\DFSRoot.

The reason for this is that appending the dot to a FQDN makes it an absolute query instead of an relative one.

Instead of rephrasing someone else, here is an explanation about dots in name resolution:
https://stackoverflow.com/questions/19480767/domain-names-with-dots-at-the-end

Drivers – Thunderbolt Software, device approval without local admin

I stumbled into an issue recently with Thunderbolt enabled computers.

By default the Thunderbolt Software that is used to approve Thunderbolt devices requires local administrator to work, this is not really practical in enterprise environments where most users are not local administrators.

So i dug into it and found some solutions to this issue.

Continue reading Drivers – Thunderbolt Software, device approval without local admin