I have recently worked on an implementation for a customer and was concerned with a large number of group memberships. Although the solution for authenticating against the operating system are well documented by Microsoft (here, here and here), the XML service does not allow requests larger than 4KB. So if users have a large number of group memberships, authentication via the XML service can fail due to this limitation. But here's the solution.
XML Service
XML Service Chokes on Request Larger Than 4KBPublished by Nicholas Dille on 06/30/2009 | 0 Comments | 1,782 Views |
 |
What does XMLServiceTester.exe in HMR do?Published by Nicholas Dille on 06/05/2009 | 0 Comments | 1,604 Views You may well ask why I created a tool to send arbitrary requests to the XML service and parse the reply in scripts – which is, by the way, called XmlServiceReader. First of all, I did not like the tool included with the Health Monitoring and Recovery of Presentation Server and XenApp – called RequestTicket.exe – due to its limitation to being executed on the same host as the XML service is located. Furthermore, this tools has a hard-coded request and does not allow customization of the request sent to the XML service. |
|
Reading Farm Information from the XML ServicePublished by Nicholas Dille on 12/16/2008 | 2 Comments | 1,987 Views After writing and publishing the XmlServiceExplorer, I was asked several times just how much information is disclosed by the XML service. There were also comments (to one of my articles and in Brian’s forums) about a possible security breach caused by offering the access lists of all published applications which I described in a tutorial to the XmlServiceExplorer. Although it is possible to suppress the access lists being disclosed by the XML service, the switch is not documented. |
|
Suppressing Access Lists to be Exposed by the XML ServicePublished by Nicholas Dille on 09/29/2008 | 2 Comments | 1,621 Views In an earlier article about the XmlServiceExplorer, I explained how to obtain the access list of all published applications in a farm from the XML service. As this information is offered without authentication, it can be considered a security issue. The XML service should rather offer the resulting list of published applications based on the access lists instead of the access list themselves. |
|
Top Blogger
|
Helge Klein 132 Articles |
Windows, Terminal Services and other things |
 |
|
Thorsten Christoffers 102 Articles |
System Center … deep inside |
|
|
Nicholas Dille 88 Articles |
Centralized computing, virtualization and performance monitoring |
|
|
Nicki Wruck 31 Articles |
361° sepago |
|
|
Holger Adam 11 Articles |
C++, C#, WPF, PowerShell and other things |
|
|
Claudia Michel 10 Articles |
|
|
|
Sabine Ehinger 9 Articles |
rund um sepago - intern & extern |
|
|
Dieter Schmitz 6 Articles |
|
|
|
Michael Nolden 1 Articles |
|
Most Viewed Posts
| 32,780 Views |
Where is the Hosts File on Windows x64?by Helge Klein (06/04/2009) |
| 27,441 Views |
Deleting a Local User Profile - Not as easy as one Might Assumeby Helge Klein (10/16/2008) |
| 19,463 Views |
How to Reduce the Size of Roaming Profilesby Helge Klein (11/17/2008) |
| 14,224 Views |
Aufbau einer KMS Infrastrukturby Thorsten Christoffers (03/19/2009) |
| 12,425 Views |
Printer Driver Isolation in Windows 7 and Server 2008 R2by Helge Klein (04/08/2009) |