Securing Office 365 with Okta Index
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Login with Amazon Developer Guide for Websites
Login with Amazon Developer Guide for Websites Login with Amazon: Developer Guide for Websites Copyright © 2017 Amazon Services, LLC or its affiliates. All rights reserved. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates. All other trademarks not owned by Amazon are the property of their respective owners Contents Welcome .................................................................................................................................................. 2 How Do I...? .............................................................................................................................................. 2 Understanding Login with Amazon ........................................................................................................... 3 Login with Amazon Conceptual Overview ................................................................................................. 4 Single Sign-On (SSO) for Web ................................................................................................................. 6 Single Sign-On (SSO) for Mobile ............................................................................................................. 7 Access Token ............................................................................................................................................ 7 Authorization Code ................................................................................................................................... 7 Refresh Token .......................................................................................................................................... -
Meeting Planner Documentation
MEETING PLANNER Installation, Configuration, and User Guides Last Updated: April 24, 2018 EMS Software | emssoftware.com/help | 800.440.3994 | © 2018 EMS Software, LLC. All Rights Reserved. Table of Contents CHAPTER 1: Introduction to Meeting Planner 1 Contact Customer Support 1 CHAPTER 2: Network Architecture Diagram 2 2 CHAPTER 3: Hardware & Software Requirements 3 Hardware Requirements 3 1-5,000 active users 3 5,000-30,000 active users 4 30,000+ active users 5 Software Prerequisites 6 End-User Machines 6 Application Server 8 Exchange Server 10 Service Accounts 10 Database Server 11 CHAPTER 4: Hardware & Software Requirements Checklist 13 End user machines 13 Application Server 13 Web Server (Roles) 13 Message Queuing Services 14 Internet Information Services 14 Microsoft .NET Framework 14 Service Accounts 14 Database Server 14 SQL Server 14 CHAPTER 5: Server 2012 Prerequisite Setup 15 Application Server Prerequisite Setup 15 Web Server (Role) 15 Message Queuing Services 19 Internet Information Services (IIS) 19 Microsoft .NET Framework 21 Supporting Microsoft References: 22 Database Server Prerequisite Setup 22 SQL Server 22 CHAPTER 6: Server 2008 R2 Prerequisite Setup 25 Application Server Prerequisite Setup 25 Web Server (Roles) 25 Message Queuing Services 26 Internet Information Services (IIS) 27 Microsoft .NET Framework 28 Supporting Microsoft References: 29 Database Server Prerequisite Setup 29 SQL Server 29 CHAPTER 7: Application Server Installation 31 CHAPTER 8: Database Server Configuration 35 Identify Database 35 Restore Database -
MS Exchange 2016
MS Exchange 2016 Deployment Guide UPDATED: 23 March 2021 MS Exchange 2016 Copyright Notices Copyright © 2002-2021 Kemp Technologies, Inc. All rights reserved. Kemp Technologies and the Kemp Technologies logo are registered trademarks of Kemp Technologies, Inc. Kemp Technologies, Inc. reserves all ownership rights for the LoadMaster and Kemp 360 product line including software and documentation. Used, under license, U.S. Patent Nos. 6,473,802, 6,374,300, 8,392,563, 8,103,770, 7,831,712, 7,606,912, 7,346,695, 7,287,084 and 6,970,933 kemp.ax 2 Copyright 2002-2021, Kemp Technologies, All Rights Reserved MS Exchange 2016 Table of Contents 1 Introduction 5 1.1 About This Manual 5 1.2 Related Firmware Version 5 1.3 Prerequisites 5 2 Exchange 2016 Overview 7 2.1 Understanding Server Load Balancing 7 2.2 Enable Subnet Originating Requests Globally 8 2.3 100-Continue Handling 9 2.4 Additional L7 Header 9 3 Virtual Service Templates 11 4 Configuring Virtual Services for Exchange 2016 12 4.1 HTTPS Offloaded and Reencrypt without ESP 12 4.1.1 Add SSL/TLS Certificate 12 4.2 HTTPS Offloaded and Reencrypt with ESP 14 4.2.1 Add SSL/TLS Certificate 15 4.2.2 Configure ESP 16 4.3 IMAP and IMAPS Virtual Service 18 4.4 IMAPS Offloaded and IMAP with STARTTLS Virtual Service 19 4.5 POP and POPS Virtual Service 20 4.6 POPS Offloaded and POP with STARTTLS Virtual Service 20 4.7 SMTP and SMTPS Virtual Service 21 kemp.ax 3 Copyright 2002-2021, Kemp Technologies, All Rights Reserved MS Exchange 2016 4.8 SMTPS Offloaded and SMTP with STARTTLS Virtual Service 22 4.9 -
Understand How MAPI Over HTTP Is Changing Your Outlook Introduction
Understand how MAPI over HTTP is changing your Outlook Introduction MAPI/ HTTP is slowly replacing RPC/ HTTP. Office 365 has already implemented it and Outlook 2016 use this protocol by default. The questions we explored at GSX were: does MAPI impact the end-user performance? How does it change the network’s consumption? Will you have performance tickets when switching from one protocol to another? To best answer these questions, we decided to employ our Robot Users, with different network configurations and the two protocols. Through this article, we will divulge our findings. MAPI over HTTP: features and benefits What is MAPI? MAPI stands for Messaging Application Programming Interface. If we had to describe it simply, it is just a way for a program to call functions on a messaging server. MAPI has been around for a while. In 1991, MAPI 0 was available for MS Mail. At that time, the API was not yet officially called MAPI. First formal release of MAPI was in 1992. Initially, it was designed just to let a local mail client running on Windows talk to a mail server running on Windows as well in the same network. With the first MAPI, the problem was that it was designed to be used exclusively on your network, and it was created even before the current Internet existed. It just defined a series of remote procedure calls (RPC) that are also very old and did not address any security concerns. These problems made it particularly unsafe to make it available on the Internet. Before the most recent release of MAPI, we used RPC over HTTP: It was still MAPI, just first wrapped with RPC and then wrapped with HTTP, resulting in what we know as “Outlook Anywhere”. -
Enterprise Vault™ Setting up Exchange Server Archiving
Enterprise Vault™ Setting up Exchange Server Archiving 12.3 Enterprise Vault™: Setting up Exchange Server Archiving Last updated: 2018-03-29. Legal Notice Copyright © 2018 Veritas Technologies LLC. All rights reserved. Veritas, the Veritas Logo, Enterprise Vault, Compliance Accelerator, and Discovery Accelerator are trademarks or registered trademarks of Veritas Technologies LLC or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This product may contain third-party software for which Veritas is required to provide attribution to the third party ("Third-party Programs"). Some of the Third-party Programs are available under open source or free software licenses. The License Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses. Refer to the Third-party Legal Notices document accompanying this Veritas product or available at: https://www.veritas.com/about/legal/license-agreements The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Veritas Technologies LLC and its licensors, if any. THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. VERITAS TECHNOLOGIES LLC SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. -
Vmware Workspace ONE Access 20.01 Managing User Authentication Methods in Vmware Workspace ONE Access
Managing User Authentication Methods in VMware Workspace ONE Access JAN 2020 VMware Workspace ONE Access 20.01 Managing User Authentication Methods in VMware Workspace ONE Access You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com © Copyright 2020 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 2 Contents 1 Configuring Authentication in VMware Workspace ONE Access 5 2 User Auth Service Authentication Methods in Workspace ONE Access 8 Configuring Password (Cloud) Authentication in Workspace ONE Access 9 Configure Password (Cloud) Authentication with Your Enterprise Directory 10 Configuring RSA SecurID (Cloud) For Workspace ONE Access 13 Prepare the RSA SecurID Server 13 Configure RSA SecurID Authentication in Workspace ONE Access 14 Configuring RADIUS for Workspace ONE Access 16 Prepare the RADIUS Server 16 Configure RADIUS Authentication in Workspace ONE Access 16 Enable User Auth Service Debug Logs In Workspace ONE Access Connector 19 3 Configuring Kerberos Authentication In Workspace ONE Access 21 Configure and Enable Kerberos Authentication in Workspace ONE Access 21 Configuring your Browser for Kerberos 23 Configure Internet Explorer to Access the Web Interface 23 Configure Firefox to Access the Web Interface 24 Configure the Chrome Browser to Access the Web Interface 25 Kerberos Initialization Error in Workspace ONE Access 26 4 Associate Workspace ONE Access Authentication Methods -
Adminstudio Inventory and Rationalization 2015 SP1 Installation Guide Legal Information
AdminStudio Inventory and Rationalization 2015 SP1 Installation Guide Legal Information Book Name: AdminStudio Inventory and Rationalization 2015 SP1 Installation Guide Part Number: ASRM-2015SP1-IG00 Product Release Date: 26 January 2016 Copyright Notice Copyright © 2016 Flexera Software LLC. All Rights Reserved. This publication contains proprietary and confidential information and creative works owned by Flexera Software LLC and its licensors, if any. Any use, copying, publication, distribution, display, modification, or transmission of such publication in whole or in part in any form or by any means without the prior express written permission of Flexera Software LLC is strictly prohibited. Except where expressly provided by Flexera Software LLC in writing, possession of this publication shall not be construed to confer any license or rights under any Flexera Software LLC intellectual property rights, whether by estoppel, implication, or otherwise. All copies of the technology and related information, if allowed by Flexera Software LLC, must display this notice of copyright and ownership in full. Intellectual Property For a list of trademarks and patents that are owned by Flexera Software, see http://www.flexerasoftware.com/intellectual-property. All other brand and product names mentioned in Flexera Software products, product documentation, and marketing materials are the trademarks and registered trademarks of their respective owners. Restricted Rights Legend The Software is commercial computer software. If the user or licensee of the Software is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Software, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. -
The Windows Operating System, Such As the Logon Process and the Session Manager
TTHEHE WWINDOWSINDOWS OOPERATINGPERATING SSYSTEMYSTEM William Stallings This document is an extract from Operating Systems: Internals and Design Principles, Fifth Edition Prentice Hall, 2005, ISBN 0-13-147954-7 Copyright 2005 William Stallings TTABLEABLE OFOF CCONTENTSONTENTS 2.5 MICROSOFT WINDOWS OVERVIEW...........................................................................3 History............................................................................................................................3 Single-User Multitasking...............................................................................................5 Architecture....................................................................................................................7 Operating System Organization.........................................................................7 User-Mode Processes.......................................................................................10 Client/Server Model.....................................................................................................11 Threads and SMP.........................................................................................................13 Windows Objects.........................................................................................................13 4.4 WINDOWS THREAD AND SMP MANAGEMENT.....................................................17 Process and Thread Objects.........................................................................................18 -
Measuring and Mitigating Oauth Access Token Abuse by Collusion Networks
Measuring and Mitigating OAuth Access Token Abuse by Collusion Networks Shehroze Farooqi Fareed Zafar The University of Iowa Lahore University of Management Sciences Nektarios Leontiadis Zubair Shafq Facebook The University of Iowa ABSTRACT 1 INTRODUCTION We uncover a thriving ecosystem of large-scale reputation manipu- Online social networks have become the primary way people con- lation services on Facebook that leverage the principle of collusion. nect and communicate with each other, consume information, and Collusion networks collect OAuth access tokens from colluding mem- form opinions. Reputation is a fundamental tenet of online social bers and abuse them to provide fake likes or comments to their networks. People trust the information that is posted by a reputable members. We carry out a comprehensive measurement study to social media account or is endorsed (e.g., liked) by a large number understand how these collusion networks exploit popular third- of accounts. Unfortunately, reputation fraud is prevalent in online party Facebook applications with weak security settings to retrieve social networks. A number of black-hat reputation manipulation OAuth access tokens. We infltrate popular collusion networks services target popular online social networks such as Facebook using honeypots and identify more than one million colluding Face- and Twitter [29, 53, 63]. These services rely on a large number of on- book accounts by “milking” these collusion networks. We disclose line social network accounts to conduct reputation manipulation at our fndings to Facebook and collaborate with them to implement a scale. To accomplish this goal, fraudsters purchase fake accounts in series of countermeasures that mitigate OAuth access token abuse bulk from underground marketplaces [55, 57], use infected accounts without sacrifcing application platform usability for third-party compromised by malware [51], or recruit users to join collusion developers. -
Stealthaudit MAPI CDO Installation Guide 5
2020 StealthAUDIT® MAPI CDO Installation Guide StealthAUDIT® TOC StealthAUDIT MAPI CDO Installation 3 Appendix for the StealthAUDIT MAPI CDO Installation Guide 5 More Information 8 Doc_ID 647 2 Copyright 2020 STEALTHBITS TECHNOLOGIES, INC. ALL RIGHTS RESERVED StealthAUDIT® StealthAUDIT MAPI CDO Installation Both the StealthAUDIT MAPI CDO and the Microsoft® Exchange MAPI CDO must to be installed in order to enable the Settings > Exchange node. The Settings > Exchange node is grayed-out and unable to be selected by default. The Microsoft Exchange MAPI CDO is only required to run the MAPI-based data collectors. See the StealthAUDIT Exchange Solution Admin Guide for additional information. The StealthAUDIT MAPI CDO can be downloaded from the Product Downloads page of the Stealth- bits website. The Microsoft Exchange MAPI CDO can be downloaded directly from Microsoft. See the Appendix for the StealthAUDIT MAPI CDO Installation Guide for requirements and installation steps to install the Microsoft Exchange MAPI CDO. CAUTION: The StealthAUDIT MAPI CDO must be installed first before installing the Microsoft Exchange MAPI CDO. Before installing either binary, close the StealthAUDIT application and ensure the following require- ments have been met: l Exchange System Manager for Exchange 2003 is not installed on the StealthAUDIT Console server. l Microsoft Outlook is not installed on the StealthAUDIT Console server. Doc_ID 647 3 Copyright 2020 STEALTHBITS TECHNOLOGIES, INC. ALL RIGHTS RESERVED StealthAUDIT® These programs interfere with MAPI connections if they are installed on the StealthAUDIT Console server. Follow the steps to install the StealthAUDIT MAPI CDO. Step 1 – Run the StealthAuditMapiCDO executable. Step 2 – Click OK to confirm the path. -
Roadmap for Section 4.3
Unit OS4: Scheduling and Dispatch 4.3. Windows Process and Thread Internals Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 4.3. Windows Process and Thread Internals Thread Block, Process Block Flow of Process Creation Thread Creation and Deletion Process Crashes Windows Error Reporting 2 1 Windows Process and Thread Internals Data Structures for each process/thread: Process environment Executive process block block (EPROCESS) Thread Executive thread block environment block (ETHREAD) Process address space Win32 process block System address space Process block Process environment block (EPROCESS) Win32 process block Thread environment block Handle table Thread block (ETHREAD) ... 3 Process Container for an address space and threads Associated User-mode Process Environment Block (PEB) Primary Access Token Quota, Debug port, Handle Table etc Unique process ID Queued to the Job, global process list and Session list MM structures like the WorkingSet, VAD tree, AWE etc 4 2 Thread Fundamental schedulable entity in the system Represented by ETHREAD that includes a KTHREAD Queued to the process (both E and K thread) IRP list Impersonation Access Token Unique thread ID Associated User-mode Thread Environment Block (TEB) User-mode stack Kernel-mode stack Processor Control Block (in KTHREAD) for CPU state when not running 5 Processes & Threads Internal Data Structures Access Token VAD VAD VAD Process Object Virtual Address Space Descriptors See kernel debugger Handle Table commands: object dt (see next slide) !process object !thread !token !handle !object Thread Thread Thread . Access Token 6 3 Process Block Layout Kernel Process Block (or PCB) Process ID Parent Process ID Dispatcher Header Exit Status Process Page Directory Create and Exit Time Kernel Time EPROCESS User Time Next Process Block Inwwap/Outswap List Entry Quota Block KTHREAD . -
An Unsupported Workaround for the My Organizer View Published on Ceptara (
An unsupported workaround for the My Organizer view Published on Ceptara (http://www.ceptara.com) An unsupported workaround for the My Organizer view Mon, 08/30/2010 - 12:44 — Chris A couple of folks have wanted to customize the 'My Organizer' view - The way it works - a webpage "c:\temp\MyOrganizer.htm" is established as the 'Home Page' for the 'My Organizer' folder, so theoretically by simply editing that file one could change the way that view looks when the 'My Organizer' folder is selected. The webpage makes use of the Outlook View Control (OVC) - available when Microsoft Office is installed. One customer asked if it was possible to point at a different Inbox for viewing mail in that view. The answer is yes if you change the Folder the OVC points at. Here's the example: Current code looks like this: <object classid=CLSID:0006F063-0000-0000-C000-000000000046 id=MailViewControl width="100%" height="250" codebase="http://activex.microsoft.com/activex/controls/office/outlctlx.CAB#ver=9,0,0,3203 [1]"> <param name="Namespace" value="MAPI"> <param name="Folder" value="Inbox"> <param name="View" value="Messages"> <param name="Restriction" value=""> <param name="DeferUpdate" value="0"> </object> Notice the line "<param name="Folder" value="Inbox">. This tells the OVC to get the view information from the default Inbox. If one wanted to point at a different folder, they would only need to put in the path to that folder, e.g. <OBJECT id="ViewCtlFolder" classid="CLSID:0006F063-0000-0000-C000-000000000046" id=MailViewControl height="250" width="100%"