On Sep 6, 2019, at 2:00 PM, Tom Benedict wrote:
> Can you also get access privileges from AD? If so, how are they synced to 4D
> Users & Groups? Or maybe they aren’t? If they aren’t, what do you do to
> manage access within the app?
Hi Tom,
For the system I was talking about, I gave my client
Hi Eric,
This is a good discussion and you are making a lot of good points.
On Fri, Sep 6, 2019 at 6:25 AM Eric Naujock via 4D_Tech <
4d_tech@lists.4d.com> wrote:
> 1. Passwords are only alphanumeric.
> 2. No two factor options.
> 3. Usernames and password are stored in the Structure file. (Very
On Sep 6, 2019, at 06:15, Jörg Knebel via 4D_Tech <4d_tech@lists.4d.com> wrote:
> Arrgh, do you rely believe trusting/relying on an outside “system” is worth
> even considering?
>
> Please think again, and than think different and again…
>
> Just as a warning, “Active Directory” and
I went ahead and replaced the NTK call with HTTP Get and am waiting to here
from the Client to know how if the crashing has stopped….
I don’t think I’ll get the opportunity to re-test with 8.8.8.8 as the DNS
lookup.
Thanks,
David Ringsmuth
On my 17R3 system the symbols did not work. I tried to do this and they failed
since I was going to use symbols after forced password changes I have symbols
in the directory service. I did an enterprise wide password purge since I had
users who’s passwords were the same as their usernames. I
On Fri, 6 Sep 2019 10:50:30 -0400, Eric Naujock wrote:
>
>
>> On Sep 6, 2019, at 10:19 AM, Chip Scheide
>> <4d_o...@pghrepository.org> wrote:
>>
>> On Fri, 6 Sep 2019 09:25:39 -0400, Eric Naujock via 4D_Tech wrote:
>>> as I look closer at it with questions from a state government
>>> security
> On 6 Sep 2019, at 16:50, Eric Naujock wrote:
>
>>>
>>> 4. No account lockouts for fail authentication attempts. An attacker
>>> can just continuously try usernames and passwords indefinitely.
>> the only workaround is to have to write your own login dialog.
>> I do not know if this is
My current system does extend the directory system. Though managing that
extension can be a headache. Right now we just use the built in basic
username/password authentication. But I have found parts of the old code that
did implement their own authentication solution. But that was likely used
> On Sep 6, 2019, at 10:19 AM, Chip Scheide <4d_o...@pghrepository.org> wrote:
>
> On Fri, 6 Sep 2019 09:25:39 -0400, Eric Naujock via 4D_Tech wrote:
>> as I look closer at it with questions from a state government
>> security person I can see a number of glaring holes that should be
>>
On Fri, 6 Sep 2019 09:25:39 -0400, Eric Naujock via 4D_Tech wrote:
> as I look closer at it with questions from a state government
> security person I can see a number of glaring holes that should be
> filled. These are the biggest ones I see.
>
> 1. Passwords are only alphanumeric.
?? what
If your organization has AD or LDAP servers already I can't think of a
drawback...
> On Sep 6, 2019, at 9:33 AM, Tom Benedict via 4D_Tech <4d_tech@lists.4d.com>
> wrote:
>
> Is there some news about Active Directory which I’ve missed lately? What
> weaknesses should I be concerned enough
Is there some news about Active Directory which I’ve missed lately? What
weaknesses should I be concerned enough about to devote my efforts at "home
brewing" something better?
Thanks,
Tom Benedict
> On Sep 6, 2019, at 06:15, Jörg Knebel via 4D_Tech <4d_tech@lists.4d.com>
> wrote:
>
>
Jong,
Thanks for the feedback. What you have laid out is an interesting concept. I
like the thought that went into it and obviously its working well for you. I
will take your feedback and add it to my thought process. My main project only
has one location but I will have users connecting in
Good morning,
I did take a look at that article a short while ago. Its an interesting
read and they do have a number of interesting security options available. But
there is still the fundamental issue that the gateway or login process is one
that can be hacked and sometimes quite easily
Jeffrey,
> On 6 Sep 2019, at 01:17 AEST, Jeffrey Kain via 4D_Tech <4d_tech@lists.4d.com>
> wrote:
>
> 4D integrates well with Active Directory/LDAP servers. That's probably the
> best way to go, along with some custom code to track failed login attempts
Arrgh, do you rely believe
Tom -
We used to see this a lot after a repair. To confirm Miyako's comments, it
seems to not happen very much anymore, and it seems like this should be
impossible once we start using project mode someday.
Jeff
> On Sep 6, 2019, at 5:43 AM, Tom Benedict via 4D_Tech <4d_tech@lists.4d.com>
>
does it help if you change the DNS to 8.8.8.8 (google)
?
I find that some networks are disconnected from microsoftonline or google
endpoints for a short while.
> 2019/09/06 12:04、David Ringsmuth via 4D_Tech <4d_tech@lists.4d.com>のメール:
>
> It still crashed when NTK 3.1.0 is used to contact
Hi Eric,
Regarding 4D security I recommend to read this special 4D Security Guide to get
a full idea of what 4D offers
https://blog.4d.com/4d-security-guide/
Best regards,
Maurice Inzirillo
--
AJAR S.A.
https://ch-fr.4d.com
twitter: ajar_info
Tél : +41 (0)323422684
> On 5 Sep 2019, at
Eric,
> On 6 Sep 2019, at 24:22 AEST, Eric Naujock via 4D_Tech <4d_tech@lists.4d.com>
> wrote:
>
> Does anyone have a replacement login system for 4D that offers stronger
> authentication security than the current system. Since the current system
> does not enforce password changes, or
19 matches
Mail list logo