Webinar - Active Directory Domain Services and Suggested Practices for Authentication

Wednesday, May 7, 2014
Noon ET | 11 am CT | 10 am MT | 9 am PT

Do you have Microsoft’s Active Directory Domain Services as part of your identity management system? Join us for a webinar at noon (ET) on Wednesday, May 7, to learn about the revision of a popular cookbook that demonstrates suggested practices for authentication.

The InCommon Silver with Active Directory Domain Services Cookbook provides help for those interested in adopting InCommon Silver Identity Assurance Profile and enhancing their authentication security. The document is available on the Internet2 wiki at https://spaces.at.internet2.edu/x/dJSVAQ.

The Cookbook contains specific guidelines for identity provider operators that have Microsoft's Active Directory Domain Services at or near the core of their identity management systems, including:​

  • storage encryption for domain servers that hold passwords,
  • AD-provided authentication protocols, and
  • password replication among domain controllers.
    The Cookbook also includes interpretations, reviewed by the Assurance Advisory Committee, of key IAP sections that may be of value to institutions utilizing technologies other than Active Directory in their identity management systems. This revision, originally published in 2012, addresses changes in version 1.2 of the InCommon Assurance Profile (IAP).

The U.S. Government-approved Silver Identity Assurance Profile, comparable to the NIST Level of Assurance 2, has identity-proofing requirements that provide reasonable assurance of individual identity. The profile describes sets of Identity Provider Operator requirements for registering individuals, issuing credentials, and managing related identity management information. For more information on InCommon’s Assurance Program, see assurance.incommon.org.

Adobe Connect (slide sharing and one-way audio): http://internet2.adobeconnect.com/incforum

Dial-in (to participate in the conversation):
+1-734-615-7474 (preferred)
+1-866-411-0013 (toll-free in U.S. and Canada)
PIN: 0101010#

  • No labels