"Samba authentication and authorization – Introduction to Active Directory Auth protocols and winbind as an AD member" was Volker Lendeckes contribution to FOSDEM 2018 (3 & 4 February 2018) in Brussels. Watch the video recording of the talk or get the slides. In addition, online magazine LWN.net posted a review of the talk.
Main goal was an overview about AD and Samba authentication, in particular communication pathways and trust relationships. Also Lendecke gave an introduction into winbind, the main component of Samba responsible for AD integration.
Volker Lendecke is co-founder of SerNet GmbH and member of the international Samba team.
The verinice.TEAM has released the ISMS tool verinice in version 1.15. Main changes are the integration of the Modernized IT Baseline Protection issued by the German BSI (Federal Office for Information Security) and support of the EU GDPR. Publisher SerNet provides verinice and verinice.PRO for download in the verinice.SHOP or in the customer repository. The release also includes enhancements in various areas such as search and indexing, report query, and the web frontend.
EU GDPR and Data Privacy Module
verinice 1.15 and the enhanced Data Privacy Module enable working with the EU GDPR. The extended Module will be available for download in the verinice.SHOP or in the update repository soon: In addition to the mapping of the dircetory of processings, it also supports the required documentation for contract data processing. Until the deadline in May, additional extensions for the Modul are planned. They include risk management for data privacy and the data privacy impact assessment.
Implement Modernized IT Baseline Protection
verinice 1.15 is the first version that implements the Modernized IT Baseline Protection according to the new BSI standards 200-1, 200-2 and 200-3.
More updates for verinice are on the horizon this year. These are intended to integrate the still missing content from the BSI. verinice Product Owner Michael Flürenbrock: "Users should be able to work with the latest version of the new Baseline Protection in verinice in a timely manner." In particular, risk management and the migration from the previous IT Baseline Protection Catalog to the IT Baseline Protection Compendium are among the expected BSI updates.
verinice users will receive the new versions as part of their ongoing subscriptions.
KIX connection in cooperation with c.a.p.e. IT
In verinice 1.15 the REST interface was expanded. The verinice.TEAM is working closely with Chemnitz (Germany) based c.a.p.e IT, manufacturer of the OTRS-based ticket system KIX. Thus, after Greenbone / OpenVAS now another IT service management (ITSM) tool is directly linked to verinice.
verinice.XP - the conference - in March - in Berlin
The verinice.XP from 21 to 23 March 2018 evolves around verinice. All users of the ISMS tool are invited to Berlin In addition to lectures on innovations such as the Modernized IT Baseline Protection and data privacy in verinice, participants can also expect reports from daily practice, e.g. for use at Berlin Brandenburg Airport, Europ Assistance or for industries such as finance and insurance, water companies and hosters. Tickets and more information at verinicexp.org.
SerNet is part of the Storage Developer Conference (SDC) as Silver Sponsor. The SDC, hosted by SNIA, will take place from September 11 - 14 in Santa Clara (California, USA). In addition to the Samba developer team, SerNet is also present with its sales team and information about SAMBA+.
Ralph Böhme and Stefan Metzmacher, members of the international Samba team and Samba developers at SerNet, also contribute to the SDC program. Stefan Metzmacher will be speaking on "Windows Authentication With Multiple Domains and Forests" on Wednesday, September 13, from 1:00 pm to 1:50 pm local time in room Lafayette / San Tomas. The talk provides an overview of the authentication protocols used in Samba (Kerberos, NTLMSSP and Netlogon Secure Channel). As well as their limitations, different trust levels, and the status of Samba as AD DC regarding trust.
"Understanding and Improving Samba Fileserver Performance" is the lecture by Ralph Böhme. Also on Wednesday, September 13, he will talk about the work that was put into the optimization of the file server performance of Samba last year from 2:00 pm to 2:50 pm (local time) in room Lafayette / San Tomas.
it-sa - the annual fair and meeting place for the IT security industry - will take place from 10 to 12 October in Nuremberg this year. SerNet will be there together with verinice.PARTNERS at the verinice booth in Hall 9 / 9-204.
SerNets verinice.TEAM will be accompanied by some partners from the verinice.PARTNERS network. Cassini, IT-InfoSec, neam and SILA Consulting are part of the project. Together they will present verinice and offer an outlook on verinice 1.15. The partners will also inform about their individual services such as the design, implementation and optimization of a management system for information security, as well as certification and trainings.
You want to learn more about verinice or certain functions? You want to know if verinice is the right tool for you? Or just give us feedback on the software? You want to get to know some verinice.PARTNERS and their services? We look forward to welcoming you at our booth. For appointments send us an email to email@example.com.
Get your visitor ticket for free access to it-sa: Just redeem the voucher code A361597 at http://www.it-sa.de/voucher/. With a visitor ticket you’ll be able to explore it-sa on any day starting at 9am.
verinice has been released in version 1.14 and is available at the verinice.SHOP. Sernet's verinice.TEAM has several major and minor changes packed into the release for the ISMS tool. One focus is on the redesign of the web front end. In addition, there are already some changes in the background for the newly introduced license management. The release notes offer all details.
Redesigned web front end
The most striking innovation of verinice 1.14 is the basic redesign of the web front end, which can be used by verinice.PRO customers. This presents itself sleaker, with more comfortable user experience - and responsive. verinice.PRO users are now able to use it with mobile devices. In addition, the web front end has been upgraded in terms of security.
Newly added is a graphical analysis, which always provides an overview of the current status of information security. It shows the implementation status of the basic protection measures and the ISO controls across all organisations/scopes. This shoul simplify the daily work of CISOs and security officers in particular. With the graphical interface, they can retrieve results in real-time and report them.
The changes are the first step of a fundamental overhaul of the web front end. Further functions will be added.
Also new in verinice 1.14 is a comprehensive license management: Standards can be integrated directly into the tool with their original content. Licenses can be purchased in the verinice.SHOP soon. With verinice 1.14 the preparations for upcoming versions have begun in the background. One of the upcoming innovations concerns the German modernized IT Baseline Protection.
You bought the previous version verinice 1.13 after June 10, 2017? Contact us at sales@ and we will send you a voucher code to download verinice 1.14. sernet.com