Blog

1 comment

Downloading and installing Adobe Reader with PowerShell

Sometimes you need to force Adobe Reader update non-interactively on a fleet of PCs. Perhaps, a zero-day vulnerability has been discovered or the auto-updater was turned off at some point. There are tons of scripts on this subject on the Internet, but very few actually work. The main reason is — most of them work by enumerating files on Adobe FTP site, then attempt to infer and download the most recent one. The problem here is that Adobe stopped updating their FTP a long time ago in the favor of a more modern CDN-based update site. There’s also some scripts that attempt to screenscrape the latest download link via regular expressions from the Adobe Reader download page. This method is quite fragile, and may change as Adobe updates the download page. Read more

ewseditor-300x172-1

0 comments

How to test ApplicationImpersonation permission in Exchange

When using tools like TimeTrade or Unified Communications systems, you need to set-up an MS Exchange service account with ApplicationImpersonation permission. This permission allows the service account to read and write other user’s mailboxes within your organization (all of them or scoped using a filter). If you need to confirm that the permissions were granted correctly when you’re troubleshooting something here’s how you can do it. Read more

0 comments

Why LDAP binds fail if I’m using user’s Distinguished Name (DN) with MD5-DIGEST in an ActiveDirectory environment?

The short answer – this is by design. Slightly longer answer below.

The way MD5-DIGEST authentication works, it requires both server and client to exchange nonce numbers, then calculate MD5 of the username and password, then perform some calculations with this hash and nonces. In case of client everything is pretty straightforward as it has user-entered (or stored) plaintext password right there. Read more