Podcasts about microsoft active directory

Neste episódio do 24Cast, conversamos com Samuel, da SoftExpert, sobre como implementar o login único (Single Sign-On - SSO) com Microsoft Active Directory na versão Enterprise do Bitrix24. Ele compartilha experiências práticas e dicas valiosas sobre governança, segurança da informação, produtividade e gestão de acessos em empresas com mais de 250 usuários. Se você trabalha com infraestrutura de TI, ou gestão de sistemas corporativos, esse papo é pra você!  Tópicos que abordamos: O que é e como funciona o Microsoft Active Directory; Integração com o Bitrix24 Enterprise via SSO (Single Sign-On); Benefícios para segurança, onboarding e desligamentos; Melhores práticas para grandes empresas na gestão de acessos; Dicas para implementar essa solução com mais eficiência;    Participantes do episódio: - Romual Silva - CRMThink - Samuel Vitório - SoftExpert   

In episode 226 of our SAP on Azure video podcast we have Martin Raepple with us again -- and this means authentication, principal propagation and identity management. A few months ago Martin had published a blog post about Identity and Access Management with Microsoft Entra and how to manage access to SAP BTP. Now he published part 2 where he extends the cloud only scenario with a hybrid identity setup that requires managing the user lifecycle across Microsoft Active Directory, Microsoft Entra, SAP BTP, SAP CIS, and an SAP system on-premise.Find all the links mentioned here: https://www.saponazurepodcast.de/episode226Reach out to us for any feedback / questions:* Robert Boban: https://www.linkedin.com/in/rboban/* Goran Condric: https://www.linkedin.com/in/gorancondric/* Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #SAPIDM #Identity #Authentication #MSEntra

Гостем студии подкастов TAdviser сегодня стал Евгений Паутов, директор департамента разработки средств управления «Группы Астра». Он рассказал о проблематике замены решения Active Directory, связанной с прекращением поддержки от вендора и представил продукт ALD Pro, дающий полную функциональность для работы системных администраторов, даже не имеющих опыта работы с системами Linux. Этот подкаст рассказывает об этапах создания нового продукта, сложностях, которые возникли в ходе разработки и подходах к их решению. Слушателям будет интересно узнать о том, как проходит процесс замены Active Directory на ALD Pro в реальном времени и насколько сложно проходит адаптация новых пользователей. Подкаст выпущен при поддержке «Группы Астра». Сайт ALD Pro https://clck.ru/37H5jJ Telegram ALD Pro https://t.me/+cLKPWRh-SRc4ODY6 Сайт «Группы Астра» https://clck.ru/37H6cJ Telegram «Группы Астра» https://t.me/+96fk6Dy7KD9lY2Uy ВК «Группы Астра» https://vk.com/gruppa_astra ------------------------------------------------------------------- Присылайте свои предложения и комментарии по развитию подкастов TAdviser на почту editor@tadviser.ru Telegram-канал TAdviser: ⁠https://t.me/tadviser⁠ Канал TAdviser на VK: ⁠https://vk.com/it_in_russia

Because of how valuable your data is, protecting it against theft and unauthorized use is perhaps your biggest challenge. Databases need more security than the bare minimum.   In this episode, Lois Houston and Nikita Abraham, along with Greg Genovese, talk about how Oracle's data-driven security features work together to create a maximum security architecture.   Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ Twitter: https://twitter.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Ranbir Singh, and the OU Studio Team for helping us create this episode.   ---------------------------------------------------------   Episode Transcript:   00;00;00;00 - 00;00;38;18 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. Hello and welcome to the Oracle University Podcast. I'm Lois Houston, Director of Product Innovation and Go to Market Programs with Oracle University, and with me is Nikita Abraham, Principal Technical Editor.   00;00;38;20 - 00;01;01;20 Hello again! In today's episode, we're going to talk with Oracle Database Specialist Greg Genovese about Oracle's Maximum Security Architecture. Hi, Greg. Thanks for joining us today. We have so much sensitive information in our databases so I get why a data thief would try to attack and steal data. But how do they actually do it? Databases don't just operate in a vacuum.   00;01;01;23 - 00;01;26;01 A database is accessed often through a firewall by users and applications. Speaking of those firewalls, if an attacker has managed to penetrate into the internal network, they may choose to go after data traveling over that network. This type of attack is much less likely to be detected than attempts to access the database directly. Another popular attack is against the underlying data files, database backups, or database exports.   00;01;26;04 - 00;01;49;19 Here again, if the attacker is successful, they may be able to steal the entire database without even having to try to log in. Oh my goodness! That sounds terrible. If none of those options work, perhaps the database has an unpatched vulnerability. In many cases, there are automated attack toolkits that help exploit these vulnerabilities.   00;01;49;21 - 00;02;18;29 And let's not forget those non-production copies of the database. What's a non-production copy of a database? In many systems, the test and development instances are effectively just clones of production and are hardly ever monitored as closely as production databases. In most cases, there are copies of database for test, development, stage, and user acceptance testing or UAT. Databases persist data into a storage medium and run on servers with operating systems and peripherals.   00;02;19;02 - 00;02;49;16 All of these are managed by administrators. And administrators are a hacker's favorite point of attack. If they can compromise an admin account, they are in with elevated privileges and in most cases zero controls over what they can do. If the attackers can't compromise an admin account, they can often compromise an end user account. Lower privileges, but often still with access to the data or able to be used as a stepping stone to get that access.   00;02;49;19 - 00;03;20;20 Also, applications make an attractive target too. They are frequently more exposed than a database or database server and often even available from outside of the corporate firewall. That's a lot, Greg. There are just so many points of attack. So then how do I keep my database safe? Securing an Oracle Database is much like securing any other system. You are protecting your data, which could be intellectual property, financial data, personal data about your customers or your staff, or most likely a combination of all three of these things.   00;03;20;22 - 00;03;44;06 Because data is valuable, you need to guard against its theft and misuse. This data is used for business purposes and that means users and applications connect to the database and you need to safeguard that data with security controls that restrict access to the data according to your corporate policy. To do this, you'll need to do three things: assess, detect, and prevent.   00;03;44;06 - 00;04;17;01 Assess, detect, prevent. Okay. But how do you assess and what are you actually assessing? Assess the system to determine its current state and develop a remediation plan. Is the system configured properly? Are patches applied regularly? How are user privileges managed? And are you enforcing these privileges? What types and how much sensitive data is the system holding? Your existing investment in the Oracle Database gives you the features and utilities you need to assess your database and identify areas for improvement and risk reduction.   00;04;17;01 - 00;04;53;21 And how do you detect and prevent? Detect attempts to access data outside of policy and identify anomalies in data access. Almost all database activity is repetitive, so anomalies are frequently a leading-edge indicator of attempted data theft. Prevent access to the data that doesn't go through the database control mechanisms, sniffing traffic over the network, reading the underlying data storage layer, or misuse of database exports and backups. Block inappropriate access to data through control mechanisms that consider the context of the access, not just the identity of the account accessing the data.   00;04;53;21 - 00;05;10;23 Oracle provides industry-leading capabilities for each of these security control objectives. Our team can help you identify the right technical enforcement for virtually any control objective.   00;05;10;25 - 00;05;40;14 Have you been wanting to earn an Oracle certification? Well, there's never been a better time than the present. Now through August 31st, you can choose from over 20 different Oracle certifications and take up to four exams for free, including foundation, associate, and professional level Oracle Cloud Infrastructure certifications. You can also learn and get certified on Oracle Cloud Applications Business Processes for Human Capital Management, Financials, Customer Experience, Supply Chain, and Procurement.   00;05;40;17 - 00;06;07;09 And did I mention this was all free? Oracle Cloud training and certifications empower you to explore limitless possibilities in the cloud landscape. Gain the knowledge and skills needed to design, deploy, secure, and operate modern cloud infrastructure and applications with confidence. You can go to education.oracle.com for more details. What are you waiting for? Get certified today.   00;06;07;12 - 00;06;34;19 Welcome back! Greg, I'm sure every database has a basic level of security, right? There are some things we expect to always be done. What we call the baseline security posture. Establishing the baseline security posture involves several types of different controls. We'll assess the system state, prevent unauthorized activity, and detect activity that is relevant to our security controls. Our first control is assessing the database configuration.   00;06;34;22 - 00;06;59;08 We want to ensure that we haven't made configuration decisions that introduce unnecessary risk into the environment. We'll also check to make sure that the database is current on all security patches. And how do we check this? For this, we have two tools available to us: Database Security Assessment tool or DBSAT and Data Safe. DBSAT is a free utility available for download via My Oracle Support.   00;06;59;08 - 00;07;23;28 Data Safe is a cloud service that is included at no additional cost with Oracle Cloud Database Services. Data Safe is also available for on-prem databases, but there is an additional cost for those. Users and applications connect to the database. We want to ensure that if they are connecting with username and password, we're practicing good password discipline. We also want to consider the use of strong authentication.   00;07;24;00 - 00;07;50;10 Your Oracle database supports Kerberos, TKI certificate, and multi-factor authentication. We'll want to make sure that those users are really able to connect to the database, identifying dormant accounts and checking to be sure we haven't granted privileges that don't make sense in our environment. Here again, DBSAT and Data Safe help by pointing out the use of such things like select any table privileges or grants of the DBA roles.   00;07;50;12 - 00;08;15;06 We should also check that database accounts are actually using the privileges we grant. Is there any way to monitor the privileges we grant? Privilege analysis monitors privilege usage, and can report on privileges that an account has which are not being used. We can then remove those unnecessary privileges, reducing the attack surface presented by those users. Note that privilege analysis is only available for Oracle Enterprise Edition Database.   00;08;15;09 - 00;08;47;03 It is not present in Oracle Standard Edition. Users are inserting and updating data and also retrieving data. That data is traveling over the network, and in most cases, we want you to encrypt the data to reduce the chances that an attacker can simply sniff the network to steal data. And are there different types of encryption? The Oracle database supports two different types of network encryption, native network encryption, which is certificate lists and usually requiring zero change to the applications to implement. And industry standard certificate-based TLS.   00;08;47;05 - 00;09;12;12 Depending on how many users connect to our database and how many databases we have, we may want to implement centralized authentication. Your Oracle database supports two types of centralized user management. One feature, Enterprise User Security, is available on all currently-supported database versions and allows the Oracle database to consult an Oracle LDAP directory for users and role membership.   00;09;12;14 - 00;09;46;13 The other feature, centrally managed users, was new in Oracle 18c and allows the Oracle database to connect to Microsoft Active Directory for users and role membership. Is there a way for us to know what users are doing? For this, we use database auditing. The Oracle database offers a comprehensive auditing capability, and you will usually want to audit database connections, especially failed logins, as well as data control language, including creation of users and privilege grants, and data definition language like creation of stored procedures, database links, and more.   00;09;46;16 - 00;10;16;06 All of these are fairly rare in most databases, so this level of auditing presents minimal performance impact. Finally, we want to make sure that we know what sensitive data resides in the database. Is the baseline security posture appropriate for the level of risk presented by the data? Or should we do more to protect our data? Here we return to DBSAT or Data Safe, which allow us to scan the database for sensitive data reporting on what types of data are found and how much of it there is.   00;10;16;06 - 00;10;41;24 All of the controls we've talked about so far are baseline. These are things we think any database should do and everything we've discussed so far can be done without additional costs, products, or options. But what if I want more than normal baseline security? Maybe my database contains personal information, financial information, intellectual property, or something else that requires more than just basic security.   00;10;41;25 - 00;11;08;13 Since that data is eventually being persisted on disk, in backups, and in exports, we'll want to protect it from attack there. Here is where transparent data encryption comes into play. If we encrypt data, that means there is an encryption key that we need to protect and distribute securely. For this, we can use Oracle Key Vault. Remember, those administrators with privileges and access to special data? We'll want to protect against them as well.   00;11;08;15 - 00;11;40;17 And for this, we'll use Database Vault. Could you tell us more about Database Vault? Database Vault lets us separate the duties of database administration from access to the data within the database. Database Vault also protects against a compromised application server, locking down application accounts so they can only access data from within the normal context of the application. When data is accessed from outside of the application, we may want to provide additional protection for high value data columns like credit card numbers or taxpayer IDs.   00;11;40;19 - 00;12;07;01 For this, we can use data redaction to hide sensitive data on the fly as it leaves the database. And for those non-production clones, the database we talked about, we'll simply remove sensitive data from them, replacing it with realistic looking "safe data" that does not present a security risk, but still allows application development and testing to continue. We can either use Data Safe or Enterprise Manager's data masking and subsetting pack.   00;12;07;03 - 00;12;30;02 We seem to have done a lot to protect the database, but is there a way to detect attempts to break in and steal data? For that, we'll configure auditing within the database and feed audit events to a centralized audit vault for analysis, reporting, and even alert generation. We'll also use database firewall to examine incoming connections and SQL statements for anomalies and violation of policy.   00;12;30;04 - 00;13;00;15 And if we choose to, we can go one step further and actually block out policy activity with the firewall. And of course, events from the database firewall flow into the audit vault server for analysis, reporting and again, alert generation. We've talked about assessing security, detecting inappropriate activity, and preventing unauthorized access to data. But there is a fourth type of database security control that is unique to databases called database-driven security.   00;13;00;17 - 00;13;27;15 These controls are used to provide fine-grained access control at the data row or column levels. Oracle database provides a variety of data-driven security features, including Real Application Security and Label Security. All these controls, working together, create the maximum security architecture or MSA. Not every database requires the full MSA, but many databases require something much more than just standard baseline security protocols.   00;13;27;17 - 00;13;52;13 Thanks, Greg, for joining us today. To learn more about Oracle's Maximum Security Architecture, visit mylearn.oracle.com and head over to the Oracle Cloud Data Management Foundations Workshop. That brings us to the end of this episode. Join us next week for a discussion on Oracle Cloud Infrastructure's Maximum Availability Architecture. Until then, this is Lois Houston and Nikita Abraham signing off.   00;13;52;15 - 00;16;33;21 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

A discussion with ITAL members Eric Brown and Scott Rysdahl with Micah Kryzer. Micah is a pentester by day but also works alongside the ITAL team. In this episode the crew overviews certificates, a big topic that transcends any one vendor or environment. Certificates are like an electronic passport meant to uniquely identify a person, computer or application on a network. This specific family of vulnerabilities discussed affects the Microsoft Active Directory certificate services, which is Microsoft's own built-in PKI or public key infrastructure included with Window's servers and domains. Micah walks us through a pentest demo illustrating the ways this system can be exploited as well as providing tips on how to protect business networks from this attack. 

On this episode of The Cloud Pod, the team discusses Amazon Pi Day, Google's upcoming I/O conference, the agricultural data manager by Microsoft, and the downturn in net profits of Oracle. They also round up cloud migrations by highlighting tools from different cloud service providers that are useful for the process. A big thanks to this week's sponsor, Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights

SambaBox is an enterprise directory solution based on open-source code that provides a cost-effective, stand-alone and powerful corporate alternative meeting global standards.Los Angeles, California--(Newsfile Corp. - November 21, 2022) -  SambaBox is an enterprise directory solution that helps reduce operating costs, developed by Profelis, the expert Linux and open source technologies developer, based on open source Samba4 infrastructure. SambaBox stands out as a global corporate alternative to the now generic Microsoft Active Directory in this category and will be running seamlessly on all cloud platforms soon.SambaBox is an enterprise directory solution that helps reduce operating costs, developed by ProfelisTo view an enhanced version of this graphic, please visit:https://images.newsfilecorp.com/files/8552/145021_9c58f42ec4e2480d_001full.jpgSubscribed to widely by public institutions, universities, the private sector, manufacturers, solution providers, cloud and service providers, SambaBox retains its cost advantage even if the number of users increases. Featuring a user-friendly and web-based interface, SambaBox supports different operating systems ranging from Pardus, RedHat, SuSE, Oracle Linux, to Windows and macOS. What sets it apart from its competitors is that since 2017, SambaBox has eliminated single brand dependence, and the need for third-party support.Profelis Managing Partner Caglar Ulkuderner notes that SambaBox was developed in answer to the need to move away from technological dependence on a single provider and in search of a cost-effective solution in the enterprise market, adding, "The market size for authentication will exceed 34 billion USD in the next five years. It is quite clear that solutions compatible with cloud and K8s systems will be greatly sought after." Working seamlessly in offline environments such as on intranets, SambaBox is the only product on the market that can manage more than three thousand GPOs via a web interface. Highlighting that it is this capability that makes it suitable for use in critical projects with information security sensitivity, Ulkuderner said, "SambaBox offers a more responsive solution that goes beyond Microsoft Active Directory, Amazon's sml Directory and Google's directory service which have become generic in this category. The fact that SambaBox is a software appliance makes it easy to install, and this has won over users. In addition to North America, we are also launched Oceania and Latin America." Profelis Managing Partner Caglar UlkudernerTo view an enhanced version of this graphic, please visit:https://images.newsfilecorp.com/files/8552/145021_9c58f42

On The Cloud Pod this week, the team rediscovers who Ryan is after an eternity (a secret agent). Plus AWS Fargate now delivers faster scaling of applications; new features for Oracle Support Rewards; and Google Cloud Optimization AI: Cloud Fleet Routing API from GCP. A big thanks to this week's sponsor, Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights

Обсудим все техники повышения привилегий, которые предоставляет Microsoft Active Directory вместе с первоначальной настройкой в локальной сети. Расскажем, почему для пентестера в локальной сети с Active Directory поднять свои привилегии до администратора домена это всего лишь вопрос времени. Перечислим уязвимости в сетях под управлением AD «из коробки», а также поделимся, как администраторам локальной сети под управлением AD защищаться от них.Рассказывает эксперт по безопасности приложение Singleton Security Егор БогомоловВидео

SpecterOps researchers Lee Christensen and Will Schroeder discuss their work, to be presented at Black Hat, on how AD “misconfiguration debt” lays out a dizzying array of attack paths such as the one in the PetitPotam exploit for which Microsoft  rushed out a fix.

最新情報を "ながら" でキャッチアップ！ ラジオ感覚放送 「毎日AWS」 おはようございます、金曜日担当パーソナリティの菅谷です。 今日は 05/26 に出たアップデートをピックアップしてご紹介。 感想は Twitter にて「#サバワ」をつけて投稿してください！ ■ トークスクリプト 【AWSアプデ 05/26】AWS Transfer Family が Microsoft Active Directory をサポート 他7件【#毎日AWS #205 】 ■ UPDATE PICKUP AWS Transfer Family が Microsoft Active Directory をサポート AWS Data Exchange のプライベートオファーでカスタム請求ができるように AWS Database Migration Service で PostgreSQL バージョン 13 のプレビューが開始 Amazon MSK が Apache Kafka version 2.7.1 をサポート Amazon SageMaker Pipelines が Amazon SageMaker Experiments と統合 Fleet Hub for AWS IoT Device Management が一般提供開始 AWS IoT Device Management が Job Templates 機能をパブリックプレビュー開始 Amazon Braket が新しい量子回路ノイズシミュレーターDM1 を一般提供開始 ■ サーバーワークスSNS Twitter / Facebook ■ サーバーワークスブログ サーバーワークスエンジニアブログ

In this episode I talk with Sean Deuby about Microsoft Active Directory and why AD security still matters.Topics included:The Circle of 'AD' LifeAD in the Age of Ransomware (e.g. tools at script kiddie's disposal)Ransomware - Risk and RecoverKrazy Mimikatz StoriesThis podcast was sponsored by Semperis. Semperis offers great Microsoft Active Directory services including Directory Service Protector and Active Directory Forest Recovery.Part of the proceeds from the sponsorship will go towards helping 'At Risk' students in West Michigan.Support the show (https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=BPUXUJ8SWLCR6&source=url)

Active Directory development has been pretty dormant. What's up with that?

The launch of Amazon Route 53 Resolver endpoints and forwarding rules has opened up a variety of exciting new options for managing DNS resolution, especially in hybrid cloud environments. This session gives a quick overview of the product before taking a deep dive into the design of Route 53 Resolver, including how it complements Route 53 private DNS and best practices to achieve availability and performance. We also dive into some new patterns that are emerging with services such as AWS Transit Gateway, AWS PrivateLink, and AWS Directory Service for Microsoft Active Directory.

Want to learn your options for running Microsoft Active Directory on AWS? When moving Microsoft workloads to AWS, it's important to consider how to deploy Microsoft Active Directory to support group policy management, authentication, and authorization. In this session, we discuss options for deploying Microsoft Active Directory to AWS, including AWS Directory Service for Microsoft Active Directory and deploying Active Directory to Windows on Amazon Elastic Compute Cloud (Amazon EC2). We cover such topics as integrating your on-premises Microsoft Active Directory environment to the cloud and leveraging SaaS applications, such as Office 365, with AWS Single Sign-On.

In this session, learn how to architect Microsoft solutions on AWS for both high availability and scalability. Discover how Microsoft solutions can leverage AWS services to achieve more resiliency, replace unnecessary complexity, and provide scalability. We explore hybrid architecture scenarios and common architecture patterns for Microsoft Active Directory and productivity solutions, such as Dynamics AX, CRM, and SharePoint. We also cover common design patterns for .NET applications, including approaches to CI/CD, DevOps, and containerizing .NET applications.

Want to learn about your options for running Microsoft Active Directory on AWS? When you move Microsoft workloads to AWS, it is important to consider how to deploy Microsoft Active Directory in support of group policy management, authentication, and authorization. In this session, we discuss options for deploying Microsoft Active Directory to AWS, including AWS Managed Microsoft AD and deploying Active Directory to Windows on Amazon EC2. We cover such topics as how to integrate your on-premises Microsoft Active Directory environment to the cloud and how to leverage SaaS applications, such as Office 365, with the AWS Single Sign-On service.

Learn why more customers than ever are leaving the complexity and costs of virtual desktop infrastructure (VDI) for cloud desktop solutions like Amazon WorkSpaces. In this session, we discuss how you can use Amazon WorkSpaces to give your employees a responsive, secure, and delightful desktop experience while simplifying your own processes. We demonstrate the flexibility of Amazon WorkSpaces and show how easy it is to get started. We also cover more advanced topics, including using Microsoft Active Directory for end-user management and authentication, and using Amazon WorkSpaces to implement a bring- your-own-device policy.

Simon shares a great list of new capabilities for customers! Chapters: 00:00- 00:08 Opening 00:09 - 10:50 Compute 10:51 - 25:50 Database and Storage 25:51 - 28:25 Network 28:26 - 35:01 Development 35:09 - 39:03 AI/ML 39:04 - 45:04 System Management and Operations 45:05 - 46:18 Identity 46:19 - 48:05 Video Streaming 48:06 - 49:14 Public Datasets 49:15 - 49:54 AWS Marketplace 49:55 - 51:03 YubiKey Support for MFA 51:04 - 51:18 Closing Shownotes: Amazon EC2 F1 Instance Expands to More Regions, Adds New Features, and Improves Development Tools | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-ec2-f1-instance-expands-to-more-regions-adds-new-features-and-improves-development-tools/ Amazon EC2 F1 instances now Available in an Additional Size | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-ec2-f1-instances-now-available-in-an-additional-size/ Amazon EC2 R5 and R5D instances now Available in 8 Additional AWS Regions | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-ec2-r5-and-r5d-instances-now-available-in-8-additional-aws-regions/ Introducing Amazon EC2 High Memory Instances with up to 12 TB of memory, Purpose-built to Run Large In-memory Databases, like SAP HANA | https://aws.amazon.com/about-aws/whats-new/2018/09/introducing-amazon-ec2-high-memory-instances-purpose-built-to-run-large-in-memory-databases/ Introducing a New Size for Amazon EC2 G3 Graphics Accelerated Instances | https://aws.amazon.com/about-aws/whats-new/2018/10/introducing-a-new-size-for-amazon-ec2-g3-graphics-accelerated-instances/ Amazon EC2 Spot Console Now Supports Scheduled Scaling for Application Auto Scaling | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-ec2-spot-console-now-supports-scheduled-scaling-for-application-auto-scaling/ Amazon Linux 2 Now Supports 32-bit Applications and Libraries | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-linux-2-now-supports-32-bit-applications-and-libraries/ AWS Server Migration Service Adds Support for Migrating Larger Data Volumes | https://aws.amazon.com/about-aws/whats-new/2018/09/aws-server-migration-service-adds-support-for-migrating-larger-data-volumes/ AWS Migration Hub Saves Time Migrating with Application Migration Status Automation | https://aws.amazon.com/about-aws/whats-new/2018/10/aws_migration_hub_saves_time_migrating_with_application_migration_status_automation/ Plan Your Migration with AWS Application Discovery Service Data Exploration | https://aws.amazon.com/about-aws/whats-new/2018/09/plan-your-migration-with-aws-application-discovery-service-data-exploration/ AWS Lambda enables functions that can run up to 15 minutes | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-lambda-supports-functions-that-can-run-up-to-15-minutes/ AWS Lambda announces service level agreement | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-lambda-introduces-service-level-agreement/ AWS Lambda Console Now Enables You to Manage and Monitor Serverless Applications | https://aws.amazon.com/about-aws/whats-new/2018/08/aws-lambda-console-enables-managing-and-monitoring/ Amazon EKS Enables Support for Kubernetes Dynamic Admission Controllers | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-eks-enables-support-for-kubernetes-dynamic-admission-cont/ Amazon EKS Simplifies Cluster Setup with update-kubeconfig CLI Command | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-eks-simplifies-cluster-setup-with-update-kubeconfig-cli-command/ Amazon Aurora Parallel Query is Generally Available | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-aurora-parallel-query-is-generally-available/ Amazon Aurora Now Supports Stopping and Starting of Database Clusters | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-aurora-stop-and-start/ Amazon Aurora Databases Support up to Five Cross-Region Read Replicas | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-aurora-databases-support-up-to-five-cross-region-read-replicas/ Amazon RDS Now Provides Database Deletion Protection | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/ Announcing Managed Databases for Amazon Lightsail | https://aws.amazon.com/about-aws/whats-new/2018/10/announcing-managed-databases-for-amazon-lightsail/ Amazon RDS for MySQL and MariaDB now Support M5 Instance Types | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-for-mysql-and-mariadb-support-m5-instance-types/ Amazon RDS for Oracle Now Supports Database Storage Size up to 32TiB | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-rds-for-oracle-now-supports-32tib/ Specify Parameter Groups when Restoring Amazon RDS Backups | https://aws.amazon.com/about-aws/whats-new/2018/10/specify-parameter-groups-when-restoring-amazon-rds-backups/ Amazon ElastiCache for Redis adds read replica scaling for Redis Cluster | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-elasticache-for-redis-adds-read-replica-scaling-for-redis-cluster/ Amazon Elasticsearch Service now supports encrypted communication between Elasticsearch nodes | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon_elasticsearch_service_now_supports_encrypted_communication_between_elasticsearch_nodes/ Amazon Athena adds support for Creating Tables using the results of a Select query (CTAS) | https://aws.amazon.com/about-aws/whats-new/2018/10/athena_ctas_support/ Amazon Redshift announces Query Editor to run queries directly from the AWS Management Console | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon_redshift_announces_query_editor_to_run_queries_directly_from_the_aws_console/ Support for TensorFlow and S3 select with Spark on Amazon EMR release 5.17.0 | https://aws.amazon.com/about-aws/whats-new/2018/09/support-for-tensorflow-s3-select-with-spark-on-amazon-emr-release-517/ AWS Database Migration Service Makes It Easier to Migrate Cassandra Databases to Amazon DynamoDB | https://aws.amazon.com/about-aws/whats-new/2018/09/aws-dms-aws-sct-now-support-the-migration-of-apache-cassandra-databases/ The Data Lake Solution Now Integrates with Microsoft Active Directory | https://aws.amazon.com/about-aws/whats-new/2018/09/the-data-lake-solution-now-integrates-with-microsoft-active-directory/ Amazon S3 Announces Selective Cross-Region Replication Based on Object Tags | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-s3-announces-selective-crr-based-on-object-tags/ AWS Storage Gateway Is Now Available as a Hardware Appliance | https://aws.amazon.com/about-aws/whats-new/2018/09/aws-storage-gateway-is-now-available-as-a-hardware-appliance/ AWS PrivateLink now supports access over AWS VPN | https://aws.amazon.com/about-aws/whats-new/2018/09/aws-privatelink-now-supports-access-over-aws-vpn/ AWS PrivateLink now supports access over Inter-Region VPC Peering | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-privatelink-now-supports-access-over-inter-region-vpc-peering/ Network Load Balancer now supports AWS VPN | https://aws.amazon.com/about-aws/whats-new/2018/09/network-load-balancer-now-supports-aws-vpn/ Network Load Balancer now supports Inter-Region VPC Peering | https://aws.amazon.com/about-aws/whats-new/2018/10/network-load-balancer-now-supports-inter-region-vpc-peering/ AWS Direct Connect now Supports Jumbo Frames for Amazon Virtual Private Cloud Traffic | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-direct-connect-now-supports-jumbo-frames-for-amazon-virtual-private-cloud-traffic/ Amazon CloudFront announces two new Edge locations, including its second location in Fujairah, United Arab Emirates | https://aws.amazon.com/about-aws/whats-new/2018/10/cloudfront-fujairah/ AWS CodeBuild Now Supports Building Bitbucket Pull Requests | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-codebuild-now-supports-building-bitbucket-pull-requests/ AWS CodeCommit Supports New File and Folder Actions via the CLI and SDKs | https://aws.amazon.com/about-aws/whats-new/2018/09/aws-codecommit-supports-new-file-and-folder-actions-via-the-cli-and-sdks/ AWS Cloud9 Now Supports TypeScript | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-cloud9-now-supports-typescript/ AWS CloudFormation coverage updates for Amazon API Gateway, Amazon ECS, Amazon Aurora Serverless, Amazon ElastiCache, and more | https://aws.amazon.com/about-aws/whats-new/2018/09/aws-cloudformation-coverage-updates-for-amazon-api-gateway--amaz/ AWS Elastic Beanstalk adds support for T3 instance and Go 1.11 | https://aws.amazon.com/about-aws/whats-new/2018/09/aws-elastic-beanstalk-adds-support-for-t3-instance-and-go-1-11/ AWS Elastic Beanstalk Console Supports Network Load Balancer | https://aws.amazon.com/about-aws/whats-new/2018/10/aws_elastic_beanstalk_console_supports_network_load_balancer/ AWS Amplify Announces Vue.js Support for Building Cloud-powered Web Applications | https://aws.amazon.com/about-aws/whats-new/2018/09/aws-amplify-announces-vuejs-support-for-building-cloud-powered-web-applications/ AWS Amplify Adds Support for Securely Embedding Amazon Sumerian AR/VR Scenes in Web Applications | https://aws.amazon.com/about-aws/whats-new/2018/09/AWS-Amplify-adds-support-for-securely-embedding-Amazon-Sumerian/ Amazon API Gateway adds support for multi-value parameters | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-api-gateway-adds-support-for-multi-parameters/ Amazon API Gateway adds support for OpenAPI 3.0 API specification | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-api-gateway-adds-support-for-openapi-3-api-specification/ AWS AppSync Launches a Guided API Builder for Mobile and Web Apps | https://aws.amazon.com/about-aws/whats-new/2018/09/AWS-AppSync-launches-a-guided-API-builder-for-apps/ Amazon Polly Adds Mandarin Chinese Language Support | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-polly-adds-mandarin-chinese-language-support/ Amazon Comprehend Extends Natural Language Processing for Additional Languages and Region | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon_comprehend_extends_natural_language_processing_for_additional_languages_and_region/ Amazon Transcribe Supports Deletion of Completed Transcription Jobs | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon_transcribe_supports_deletion_of_completed_transcription_jobs/ Amazon Rekognition improves the accuracy of image moderation | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-rekognition-improves-the-accuracy-of-image-moderation/ Save time and money by filtering faces during indexing with Amazon Rekognition | https://aws.amazon.com/about-aws/whats-new/2018/09/save-time-and-money-by-filtering-faces-during-indexing-with-amazon-rekognition/ Amazon SageMaker Now Supports Tagging for Hyperparameter Tuning Jobs | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-sagemaker-now-supports-tagging-for-hyperparameter-tuning-/ Amazon SageMaker Now Supports an Improved Pipe Mode Implementation | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-sagemaker-now-supports-an-improved-pipe-mode-implementati/ Amazon SageMaker Announces Enhancements to its Built-In Image Classification Algorithm | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-sagemaker-announces-enhancements-to-its-built-in-image-cl/ AWS Glue now supports connecting Amazon SageMaker notebooks to development endpoints | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-glue-now-supports-connecting-amazon-sagemaker-notebooks-to-development-endpoints/ AWS Glue now supports resource-based policies and resource-level permissions for the AWS Glue Data Catalog | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-glue-now-supports-resource-based-policies-and-resource-level-permissions-and-for-the-AWS-Glue-Data-Catalog/ Resource Groups Tagging API Supports Additional AWS Services | https://aws.amazon.com/about-aws/whats-new/2018/10/resource-groups-tagging-api-supports-additional-aws-services/ Changes to Tags on AWS Resources Now Generate Amazon CloudWatch Events | https://aws.amazon.com/about-aws/whats-new/2018/09/changes-to-tags-on-aws-resources-now-generate-amazon-cloudwatch-events/ AWS Systems Manager Announces Enhanced Compliance Dashboard | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-systems-manager-announces-enhanced-compliance-dashboard/ Conditional Branching Now Supported in AWS Systems Manager Automation | https://aws.amazon.com/about-aws/whats-new/2018/09/Conditional_Branching_Now_Supported_in_AWS_Systems_Manager_Automation/ AWS Systems Manager Launches Custom Approvals for Patching | https://aws.amazon.com/about-aws/whats-new/2018/10/AWS_Systems_Manager_Launches_Custom_Approvals_for_Patching/ Amazon CloudWatch adds Ability to Build Custom Dashboards Outside the AWS Console | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-cloudwatch-adds-ability-to-build-custom-dashboards-outside-the-aws-console/ Amazon CloudWatch Agent adds Custom Metrics Support | https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-cloudwatch-agent-adds-custom-metrics-support/ Amazon CloudWatch Launches Client-side Metric Data Aggregations | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-cloudWatch-launches-client-side-metric-data-aggregations/ AWS IoT Device Management Now Provides In Progress Timeouts and Step Timeouts for Jobs | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-iot-device-management-now-provides-in-progress-timeouts-and-step-timeouts-for-jobs/ Amazon GuardDuty Provides Customization of Notification Frequency to Amazon CloudWatch Events | https://aws.amazon.com/about-aws/whats-new/2018/10/amazon-guardduty-provides-customization-of-notification-frequency-to-amazon-cloudwatch-events/ AWS Managed Microsoft AD Now Offers Additional Configurations to Connect to Your Existing Microsoft AD | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-managed-microsoft-ad-now-offers-additional-configurations-to-connect-to-our-existing-microsoft-ad/ Easily Deploy Directory-Aware Workloads in Multiple AWS Accounts and VPCs by Sharing a Single AWS Managed Microsoft AD | https://aws.amazon.com/about-aws/whats-new/2018/09/aws-directory-service-share-directory-across-accounts-and-vpcs/ AWS Single Sign-on Now Enables You to Customize the User Experience to Business Applications | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-single-sign-on-now-enables-you-to-customize-the-user-experience-to-business-applications/ Live Streaming on AWS Now Features AWS Elemental MediaLive and MediaPackage | https://aws.amazon.com/about-aws/whats-new/2018/09/live-streaming-on-aws-now-features-aws-elemental-medialive-and-mediapackage/ AWS Elemental MediaStore Increases Object Size Limit to 25 Megabytes | https://aws.amazon.com/about-aws/whats-new/2018/10/aws-elemental-mediastore-increase-object-size-limit-to-25-megabytes/ Amazon Kinesis Video Streams now supports adding and retrieving Metadata at Fragment-Level | https://aws.amazon.com/about-aws/whats-new/2018/10/kinesis-video-streams-fragment-level-metadata-support/ AWS Public Datasets Now Available from the German Meteorological Office, Broad Institute, Chan Zuckerberg Biohub, fast.ai, and Others | https://aws.amazon.com/about-aws/whats-new/2018/10/public-datasets/ Customize Your Payment Frequency and More with AWS Marketplace Flexible Payment Scheduler | https://aws.amazon.com/about-aws/whats-new/2018/10/customize-your-payment-frequency-and-more-with-awsmarketplace-flexible-payment-scheduler/ Sign in to your AWS Management Console with YubiKey Security Key for Multi-factor Authentication (MFA) | https://aws.amazon.com/about-aws/whats-new/2018/09/aws_sign_in_support_for_yubikey_security_key_as_mfa/

When you move Windows workloads to AWS, it is important to have an Active Directory in the cloud to support group policy management, authentication, and authorization. This session is a deep dive on AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft Active Directory (AD). We cover how the service operates in support of stand-alone directory and trust-based federation use cases. Topics include features that enable you to migrate a broad range of applications to AWS, how to use SaaS applications, such as Office 365, when managing users in AWS Managed Microsoft AD, how to secure trusts when federating to on-premises Active Directory, and security features to help you with your corporate security policies and compliance.

Traditional solutions for using Microsoft Active Directory across on-premises and AWS Cloud Windows workloads can require complex networking or synching identities across multiple systems. AWS Directory Service for Microsoft Active Directory, also known as AWS Managed AD, offers you actual Microsoft Active Directory on the AWS Cloud as a managed service. In this session, you learn how Capital One uses AWS Managed AD to provide highly available authentication and authorization services for its Windows workloads, such as Amazon RDS for SQL Server. We detail how Capital One uses Lambda, Python, and PowerShell with cross-account AWS Identity and Access Management (IAM) roles to automate directory deployment across AWS accounts. We also cover best practices for integrating AWS Managed AD with your on-premises domain securely, and show you how to automate the joining of AWS resources to your managed domain.

IT organizations today need to support a modern, flexible, global workforce and ensure their users can be productive from anywhere. Moving desktops and applications to AWS offers improved security, scale, and performance, with cloud economics. In this session, we provide an overview of Amazon WorkSpaces and Amazon AppStream 2.0, and talk through best practices for moving your end-user computing to AWS. We also dive deep into Amazon AppStream 2.0, and demonstrate some of the newest capabilities, including Microsoft Active Directory integration, single sign-on with SAML 2.0, and new graphics instances.

Are you tired of maintaining and upgrading the PC infrastructure for your organization? Do you want to provide your users with a fast, fluid desktop that is accessible from anywhere, on any device? With Amazon WorkSpaces, you can do both simultaneously by running your desktops on AWS. In this session, we demonstrate the flexibility of Amazon WorkSpaces and show you how easy it is to get started. We also cover more advanced topics, including using Microsoft Active Directory for end-user management and authentication, and using Amazon WorkSpaces to implement a bring-your-own-device policy.

AWS can help you rapidly deploy and scale your Microsoft SharePoint environment to help you collaborate more efficiently and cost-effectively. This session reviews architectural considerations for building a SharePoint deployment on AWS, best practices to ensure optimal performance, how to leverage multiple Availability Zones for high availability and disaster recovery, and how to integrate with Microsoft Active Directory. We will also look at new Quick Start guides, AWS CloudFormation templates, and other tools that dramatically reduce the time to deployment.

Amazon WorkSpaces is an enterprise desktop computing service that runs in the cloud. In this deep-dive session, we discuss advanced topics and best practices for deploying Amazon WorkSpaces in your organization. We discuss Amazon VPC design and public endpoints, AWS Directory Service, integrating with your on-premises Microsoft Active Directory, using multi-factor authentication, and monitoring and logging with Amazon CloudWatch metrics. We walk through how to do all this using a combination of the AWS Command Line Interface, the AWS Management Console, and AWS CloudFormation templates.

From servers to workstations, AWS provides the best place to run your Windows workloads. In this session, we'll discuss the ease of deploying Windows workloads on AWS, and architecting for performance, scalability, security, and cost savings. We will explore the use of AWS Directory Service, the Amazon EC2 Run command, and Windows PowerShell to bootstrap your instances for seamless Microsoft Active Directory integration, application installation, and management. We will walk through an architecture that includes Amazon RDS, Amazon EC2, and Amazon WorkSpaces, and discuss the secure relationships among these services. You will learn how you can use native AWS services as well as the tools you are already familiar with to manage your Windows environment.

On this episode of BSDNow, we will be talking to Glen Barber and Peter Wemm of the FreeBSD RE and Cluster Admin teams! That plus our This episode was brought to you by Headlines 2016 FreeBSD Community Survey (https://www.surveymonkey.com/r/freebsd2016) We often get comments from our listeners, “I'm not a developer, how can I help out”? Well today is your chance to do something. The FreeBSD Foundation has its 2016 Community Survey online, where they are asking for feedback from you! I just did the survey, it'll take you about 5 minutes, but gives you a chance to provide valuable feedback to the foundation about things that are important to you. Be sure to answer in as much detail as possible and the foundation will review and use this feedback for its operations going forward. *** ART, OpenBSDs new routing table, single thread performances (http://www.grenadille.net/post/2016/06/17/ART-single-thread-performances) OpenBSD has changed the way routes are looked up in the kernel as part of their path to an SMP networking stack The “Allotment Routing Table” (ART) is a performance tradeoff, where more memory is used to store the routing table, in exchange for faster lookups With this new arrangement, a full BGP routing table will grow from 130MB to 180MB of memory “ART is a free multibit trie based routing table. To keep it simple, it can be seen as using more memory for fewer CPU cycles. In other words, we get a faster lookup by wasting memory. The original paper (http://www.hariguchi.org/art/art.pdf) presents some performance comparisons between two ART configurations and the BSD Radix. But how does this apply to OpenBSD?” “I asked Hrvoje Popovski to run his packet forwarding test on his Xeon box (E5-2620 v2 @ 2.10GHz, 2400.34 MHz) with ix(4) (82599) interfaces. The test setup consist of three machines with the OpenBSD box in the middle” “The simulations have been performed with an OpenBSD -current from June 9th. The machine is configured with pf(4) disabled in order to force a single route lookup for every IPv4 packet. Based on the result of the lookup the kernel decide if it should forward, deliver or drop the packet” *** BSDCan 2016 Playlist (https://www.youtube.com/playlist?list=PLeF8ZihVdpFfoEV67dBSrKfA8ifpUr6qC) The complete set of videos from BSDCan is online and ready to be consumed Remember the good-ole days where we would wait months (or years) to get videos posted from conferences? Well, who are we kidding, some conferences STILL do that, but we can't count BSDCan among them. Only two weeks out from this years exciting BSDCan, and all the videos have now landed on YouTube. Granted, this is no substitute for actually being at the conference, but even if you attended you probably missed quite a few of the talks. There are no videos of the hallway track, which is the best part of the conference Except the dinner discussion of course. and don't forget the hacker lounge *** Should you be scared of Unix signals? (http://jvns.ca/blog/2016/06/13/should-you-be-scared-of-signals/) Do you know much about UNIX Signals? Are you afraid of their complexity? Do you know there are signals other than SIGKILL? This article talks about the practical implications of signals from a programming perspective The things you need to consider when dealing with signals Basically, you register a “signal handler”, the function that will be run when a signal arrives As you program is running, if a signal arrives, your program will be interrupted. Its current state will be saved and any system calls in progress will return EINTR (Error, Interrupted), then your signal handler will be run. Once the signal handler is complete, the state of your application will be restored, and execution will resume As long as your program properly handles this interruption, and errors that might result from it (getting EINTR from a read() call, instead of the data you expected), then everything should be fine. Of course, you need to be careful what you do inside your signal handler, as if you modify any variables or state in your application, it might be very confused when it resumes. *** Interview - Glen and Peter- News Roundup Unik - The Unikernel Compilation and Deployment Platform (uses NetBSD's Rump) (https://github.com/emc-advanced-dev/unik) We've talked a bit about NetBSD's RUMP (unikernel) in the past, including articles on how to deploy services using it. Now we have an interesting project which makes the process super-easy, and dare-we-say almost “Docker-Like?” The Unik project has a fairly complete walkthrough right on their GitHub project page, including details on installation and creating your own unikernel containers. In addition, it provides instructions on boot-strapping your own Go/Node.js/Python/Java applications, and supports out of Box VCenter / AWS / Qemu / VirtualBox providers. *** PkgSrc 50th Release Highlights () pkgsrc is celebrating its 50th release, and to highlight this, they have posted a series of interviews from people who have been active in the project pkgsrc 50th release interviews - Jonathan Perkin (http://blog.netbsd.org/tnf/entry/pkgsrc_50th_release_interviews_jonathan) pkgsrc 50th release interviews - Ryo ONODERA (http://blog.netbsd.org/tnf/entry/pkgsrc_50th_release_interviews_ryo) pkgsrc 50th release interviews - Joerg Sonnenberg (http://blog.netbsd.org/tnf/entry/pkgsrc_50th_release_interview_with) pkgsrc 50th release interviews - Sevan Janiyan (https://blog.netbsd.org/tnf/entry/pkgsrc_50th_release_interviews_sevan) *** Migrating to FreeBSD from Solaris 11 (http://justinholcomb.me/blog/2016/02/28/migration-to-freebsd-part1.html) Part 2 (http://justinholcomb.me/blog/2016/03/12/migration-to-freebsd-part2.html) Part 3 (http://justinholcomb.me/blog/2016/03/19/migration-to-freebsd-part3.html) Part 4 (http://justinholcomb.me/blog/2016/03/26/migration-to-freebsd-part4.html) Part 5 (http://justinholcomb.me/blog/2016/04/03/migration-to-freebsd-part5.html) *** How to chroot www/firefox on NetBSD (https://github.com/alnsn/localpkgsrc/tree/master/firefox-chroot) Looking for a jail-like method of running FireFox on NetBSD? (Or possibly other BSDs?) We have a github repo with details on how to setup and run FireFox using a chroot using a “webuser” account for safety. Think of this as a jail alternative, may be useful on systems with no jail support. Of interest is the method used to do X forwarding. It uses Xorg TCP listen option (which is often off by default for security reasons). Perhaps SSH X forwarding would be a better alternative. (Or nullfs mounts of /tmp) *** Beastie Bits Tredly - V1 Release Candidate (https://github.com/tredly/tredly/releases/tag/v1.0.0-rc.1) Call for Testing - ypldap testing against OpenLDAP and Microsoft Active Directory (http://lists.freebsd.org/pipermail/freebsd-current/2016-June/061775.html) BSD Magazine, June 2016 Out Now (https://bsdmag.org/) Hammer2 - Add xxhash to H2 and throw in debug stuff for performance testing (http://lists.dragonflybsd.org/pipermail/commits/2016-June/500610.html) chyves pre-announcement (http://justinholcomb.me/blog/2016/06/14/chyves-project-preannouncement.html) *** Feedback/Questions Michael - Versioning (http://pastebin.com/1hpGrmuL) Michael - Removing Encryption (http://pastebin.com/2PkrMGGx) Bostjan - PC-BSD Questions (http://pastebin.com/q5VdmNxG) Fong - ZFS Rollback (http://pastebin.com/2aedLV7d) Jochen - Docker on FBSD (http://pastebin.com/dneVZkXc) ***

JumpCloud leader describes a cloud pivot toward directory as a service, Microsoft Active Directory migrations to the cloud, plus startup funding guidance.