Dennis Stackley Technical Blog

Best Solution for Securely Storing Passwords and PINs

dennis — Mon, 23 Apr 2012 15:16:06 +0000

You should never write passwords or PINs down on paper nor should you keep them stored in a text file, Word document, or Excel spreadsheet. Additionally, you should never use the same password at more than one place or web site because doing so will provide a hacker easy access to everything if he/she gains access to your favorite password. I will now explain how you can securely keep your passwords and PINs with you at all times and within easy reach whether you are using your iPad, Android tablet, Windows phone, PC, notebook, MacBook, Linux machine, or smartphone.

Original post blogged on b2evolution.

Configuring Cisco ASA for VPN with Android and Windows 7

dennis — Thu, 19 Apr 2012 16:25:21 +0000

When attempting to configure my Cisco Adaptive Security Appliance (ASA) 5505 firewall for VPN connections from my Droid, I found a number of sites that provided information but none that worked perfectly. Part of the problem may be that my ASA is not running the latest version of the IOS. The IOS is 7.2(3) and the Droid is currently running 2.3.6.

Original post blogged on b2evolution.

Boolean Variable in C# .NET Not Being Set

dennis — Fri, 09 Jul 2010 17:38:58 +0000

I developed a Windows service a couple of years ago that rids dormant user objects from Active Directory. It was a fairly simple service that did what it needed to do and took into consideration the quirks of Microsoft's Active Directory Domain structure such as when users authenticate, they do so against a single domain controller with that timestamp being stored instantly on just that DC. Eventually this timestamp gets replicated to other domain controllers but that can take up to a couple of weeks.

I recently had to add additional functionality to the service so that it would clean up AD accounts referenced from an Oracle database too. Rather than having to install the Oracle SQL*Net client on the Windows server where the service runs (which could be one of the DCs), I decided to call a web service running on a web server when performing the cleanup against the Oracle database. Within the logic executed by the Windows service, I generally place a boolean variable so that the service knows if it is already running or not each time the timer fires. If it is already running, the logic is skipped until the next time it is set to fire. Adding a call to a web service caused the logic to run once but after that it failed to run again because it thought the timer from the last firing was still being processed.

Original post blogged on b2evolution.

Windows Server 2003 Domain Controller LDAPS Certificate Expiration

dennis — Mon, 07 Jun 2010 15:06:08 +0000

Applications these days should be using secure LDAP (LDAPS) or Transport Layer Security (TLS) for authentication and authorization against a domain controller (DC). This provides an encrypted connection for data to traverse between a client, which could be a web server, and the DC. As with most encryption schemes that use digital certificates, the server certificate on the DC must be valid and not expired. An expired certificate on the DC will cause new connection attempts to the DC from clients to fail. In my experience, the clients will not try to connect to a secondary DC - so users begin seeing error messages. This all occurs even though the autoenrollment process provided the DC a replacement certificate some 42 days prior to expiration of the current certificate.

Original post blogged on b2evolution.

Windows 7 VPN Connection Locks Active Directory User Account

dennis — Wed, 05 May 2010 15:37:46 +0000

It comes in handy at times to connect with my network at home through a secure VPN connection. I typically use this connection to access files that have been backed up or archived. Prior to upgrading my notebook PC from Windows XP Professional to Windows 7, there were no issues. A problem surfaced, however, just after the upgrade. Within seconds after establishing the VPN connection, my AD user account at work became locked. The reason for the lock: Incorrect password entered more than five times. But how could this be since all I did was establish a VPN connection? How did the upgrade to Windows 7 cause this?

Original post blogged on b2evolution.

Excessive 671 (User Account Unlocked) Messages in Windows Event Log

dennis — Wed, 03 Mar 2010 15:51:04 +0000

I was recently asked to look into why so many 671 messages were being written into the Windows Event Log on the domain controllers. Most of these being done by an application that allows users to change their password when it expires or if they forget it.

Original post blogged on b2evolution.

SnmpRegister Function Fails on Windows 7

dennis — Thu, 04 Feb 2010 16:41:46 +0000

Several years ago I developed an application in PowerBuilder for use on Windows 2000 machines. The application included a feature that sends SNMP requests to Cisco Access Servers and receives responses from the same. Before using the SNMP feature on a Windows 2000 computer, one had to install "Simple Network Management Protocol" under the "Management and Monitoring Tools" in the Add/Remove Windows Components dialog box. This was also true when migrating to Windows XP. When I migrated to Windows 7, the SNMP feature in my application failed when making a function call to SmnpRegister.

Original post blogged on b2evolution.

The DROID

dennis — Thu, 31 Dec 2009 08:49:13 +0000

I decided to retire my HP iPAQ Personal Data Assistant (PDA) after installing Windows 7 on my notebook computer. The iPAQ had been with me, going almost everywhere since 2003 - a long time without an upgrade as far as a PDA is concerned. It took me a while to decide between an iPhone by Apple and a DROID by Motorola. The iPhone and AT&T network has been getting some pretty bad press lately about AT&T's ability to keep up with the traffic brought on by the popular iPhone. My daughter and son-in-law both have iPhones. They live in a large metropolitan area yet calls have been dropping fairly often lately. I ended up settling on a DROID by Motorola with carrier Verizon Wireless. Another deciding factor was because most of my immediate family is Verizon Wireless customers. This helps keep my chargeable minutes low.

Original post blogged on b2evolution.