RE: [ActiveDir] Advertising RPC services - best practices

[Ruston, Neil]

Title: Message

Apologies for being vague :)   I would like to restrict the app so it has read/write/delete to its own RPC container [in AD] and no more.   Moreover, I'm interested to hear any experiences others have of similar RPC advertised apps.   neil -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: 24 June 2005 16:37 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Advertising RPC services - best practices Neil, What are you trying to restrict?  Access to the App, access via RPC, or access via AD?  I can help, but the scope is pretty big at this point. Rick From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ruston, Neil Sent: Friday, June 24, 2005 9:40 AM To: 'ActiveDir@mail.activedir.org' Subject: [ActiveDir] Advertising RPC services - best practices   Does anyone have any suggestions, comments or experiences with applications that advertise themselves via the RPCservices container in AD? Specifically, the subject of security is of interest to me. i.e. how can the application be restricted so that it has a minimum set of privileges without 'breaking' the app? I have read various MS papers on the subject and am happy with the general principles involved. I'm more interested in "real world" examples :)   TIA, neil ============================================================================== Please access the attached hyperlink for an important electronic communications disclaimer: http://www.csfb.com/legal_terms/disclaimer_external_email.shtml ============================================================================== ============================================================================== Please access the attached hyperlink for an important electronic communications disclaimer: http://www.csfb.com/legal_terms/disclaimer_external_email.shtml ==============================================================================