PKI Blog

Authentication in an Ultra-Connected World: Internet of Things

Posted by Ted Shorter on Oct 1, 2015 6:05:00 AM

As PKI practitioners, we’ve been asked the question for years: “What’s the best way to get a digital certificate on _____?” What gets filled into the blank has expanded dramatically over time, however. Ten years ago, certificates landed primarily on what I’d describe as “traditional” IT infrastructure – servers, desktops, laptops, smart cards, RADIUS servers, or VPN concentrators. But since then, things have gotten much more interesting. Handheld scanners. Surgical robots. VOIP phones. Set-top boxes. Cable modems. Even heart monitors and IV pumps.

Read More

Topics: install certificates onto devices, digital certificates, cert, embedded systems, certificate, Microsoft Security Partner, expired digital certificate, Public Key Infrastructure, Certificate Management System (CMS), Industry Trends, Microsoft Public Key Infrastructure, Cisco Internet of Things, embedded certificates, embedded devices, Microsoft PKI, X.509 digital certificates, Internet of Things, IoT, Blog, Internet of Things (IoT), certificate install, BYOD, PKI Assurance

ITIL Continual Service Improvement

Posted by Max Szaniawski on Jul 3, 2014 7:22:19 AM

An ITIL implementation in your organization can be confusing. This section explains exactly why we implement ITIL for our services and processes. In Continual Service Improvement (CSI), we have a couple of different models that we need to know - the Seven Step Continual Improvement Model and the Deming Model. Our ultimate goal is to continually improve our services. You may ask…why are we implementing ITIL? Why are we shooting for perfection?

Important keys to success for Continual Service Improvement:

Read More

Topics: Deming Model, GAP Analysis, Continual Service Improvement, IT Security, Microsoft Security Partner, ITIL – Continual Service Improvement, Continual Service Improvement (CSI), Seven Step Continual Improvement Model, TQM, SIX SIGMA, Blog, ITIL

Batch Attribute Updates for Users in Forefront Identity Manager (FIM)

Posted by CSS Technical Team on Jun 25, 2014 11:56:00 AM

A client recently requested the ability to use data in an externally-generated file to perform batch attribute updates for Users in the FIM Service. What made this more complicated than expected was that some of the user attributes, for example Manager, were FIM references.

Read More

Topics: Forefront Identity Manager, IT Security, Microsoft Security Partner, FIM, FIM PowerShell, Forefront Identity Manager (FIM), FIM web service, Identity Management, Microsoft Forefront Identity Manager, Blog, FIM automation, PowerShell

Workplace Join, AD FS 3.0 or OAuth 2.0: Which is Right for You?

Posted by CSS Technical Team on Jun 18, 2014 6:27:00 AM

At first, this question might initially seem like an apples vs. oranges situation. We’ll find out that in some cases it’s not, and that making the best strategic choice for your needs depends on a number of factors.

Read More

Topics: Workplace Join, IT Security, IAM, Microsoft Security Partner, Azure ACS, Microsoft Azure, AD FS 3.0, Identity and Access Management, SAML 2.0, SAML 2.0 via AD FS 3.0, Identity Management, OAuth 2.0, Blog, SaaS, Azure, OAuth, Mobile, BYOD, Windows Azure

What Should a FIM Lab Environment Look Like?

Posted by CSS Technical Team on Jun 17, 2014 6:55:18 AM

This question always brings about a lively discussion during FIM design sessions, as this topic has many different vantage points.

Read More

Topics: Forefront Identity Manager, IT Security, Microsoft Security Partner, Setting up a FIM Lab, FIM production, FIM, Forefront Identity Manager (FIM), Identity Management, FIM Lab Best Practices, SCCM, Blog, what should a fim lab look like, Active Directory (AD), Active Directory, FIM LAB Design, AD, FIM Lab

AD/CS Web Enrollment Delegation

Posted by Wayne Harris on Jun 11, 2014 5:46:29 AM

Have you ever had a problem installing the Active Directory Certificate Services Web Enrollment role feature on a server that is separate from the Certificate Authority?

Read More

Topics: digital certificate, microsoft ca, certificate, IT Security, Microsoft Security Partner, authentication, AD/CS, Public Key Infrastructure, Active Directory Certificate Services (ADCS), web enrollment, Active Directory Certificate Services, CA, AD/CS Web Enrollment Delegation, Blog, Microsoft Certificate Authority

Case Study: Azure Based PKI

Posted by CSS Technical Team on Jun 9, 2014 10:24:18 AM

A leader in the educational software market was developing a custom MDM solution enabling a Bring Your Own Device (BYOD) initiative for the classroom when their developers realized their need for an underlying security and Public Key Infrastructure (PKI). Purchasing individual certificates was out of the question, since their solution required very high certificate volume, and they were reluctant to roll out their own PKI, as reliability and high assurance were key requirements to meet their growing customer base. The customer engaged CSS after realizing that operating a full scale PKI was simply out of their wheelhouse.

Read More

Topics: Managed PKI, IT Security, Microsoft Security Partner, Public Key Infrastructure, Certificate Management System (CMS), PKIaaS, Azure PKI, PKI, PKI as a Service (PKIaaS), Public Key Infrastructure (PKI), Azure Based PKI, PKI as a Service, Blog, Got PKI?

Deleting a Large Number of Objects from the FIM Service with PowerShell

Posted by Sami Van Vliet on Jun 3, 2014 10:49:10 AM

Deleting a large number of objects from the FIM Service can be accomplished in several ways:

Read More

Topics: Delete objects FIM, Forefront Identity Manager, IT Security, Microsoft Security Partner, FIM, FIM PowerShell, Identity Management, Microsoft Forefront Identity Manager, Microsoft FIM, Blog, PowerShell, FIM Service

Azure Active Directory, ADFS 3.0 and OWIN

Posted by Jake Chang on May 12, 2014 9:56:15 AM

With Windows AAD (Azure Active Directory), ADFS 3.0 (Active Directory Federation Service), and OWIN (Open Web Interface for .NET), you will find your corporate individual core identity, making connections between your corporation and the whole world for unlimited opportunities.

Read More

Topics: Federation, Active Directory Federation Service, IT Security, Microsoft Security Partner, AD FS, ADFS 3.0, OWIN Open Web Interface for .NET, Azure Active Directory, Identity Management, OWIN, Open Web Interface for .NET, ADFS, Blog, ADD, Azure

FIM 2010 R2 Unattended Install Where You Want It

Posted by Laurin Kline on May 5, 2014 6:47:15 AM

Recently we started using a custom script to install and configure FIM in a consistent manner. During more than a few manual installs, I’ve been asked to install FIM into a drive or directory other than “C:\Program Files\Microsoft Forefront Identity Manager\2010," so I knew the script would need to have this capability. After finding and reading the “Unattended Installation of FIM 2010 R2” post, I spent a great deal of time searching the internet which led me to the not well documented option, INSTALLDIR=”” that allows the unattended install of FIM components to drives or directories other than the default.

Maybe, this something you already knew, but I thought I’d share it, as it wasn’t an obvious choice.

Read More

Topics: installation path, Forefront Identity Manager, FIM 2010, IT Security, Microsoft Security Partner, FIM, FIM Portal, INSTALLDIR64, Identity Management, FIM Service Service, Microsoft Forefront Identity Manager, Microsoft FIM, Blog, install path, FIM Sync Service, FIM 2010 R2, FIM Service

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?