Question about KB4569509: Guidance for DNS Server Vulnerability CVE-2020-1350
The article shows a workaround to protect unpatched systems against the SIGRed vulnerability using a registy entrySubkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters Value:...
View Articlerequest a certificate
dears, i have a local ca installed.i have a new machine, and i want to request a certificate from this machine to my local cahow is this donehow can i generate a cer file and make it issued by my...
View ArticleDisable Legacy TLS not available
Dear security folks,We are very happy about "Disable Legacy TLS" which is described at https://docs.microsoft.com/en-us/security/disable-legacy-tls. This hopefully ends the cipher configuration using...
View ArticleSimple Certificate Enrollment Protocol
My team lead is looking to use SCEP in the following way and I can’t find anything on how to make it work.We have remote networking devices that use certificates that we generate to authenticate with...
View ArticleClik here to view.
event 77 , 80 , CA server migration
Hello there is a CA server migration in organization and recently migrated to windows server 2016there is event 77 , 80 in event logs , i already google the issue and it seems something wrong with...
View ArticleOffline Root CA - CRL Publication Intervals
Hello,I'm implementing a two-tier PKI with an offline standalone Root CA, and Online Enterprise Sub CAs.My RootCA rarely publishes CRLs (Once every year).My question is : What happens if, let's say,...
View ArticleMachine authentication on Windows 10 without using Cisco ISE or similar...
Hi,As we know, NAP service or agent is not included on windows 10. Prior to it (on windows 7) we used NAP and NPS to control and prevent non joined computers to get access to network. With windows 10...
View ArticleAre files securely delete if they are delete from an encrypted folder.
Hi Guys, I have a little project where I have to securely delete files from an SFTP server folder. I have a script that moves the files to a new location.What I would like to know is if I encrypted the...
View ArticleCertlm.msc private key permissions are misleading and could lead to a...
(Not sure if this is the right place to raise this, but someone at MS can move it if not.) Certlm.msc shows the current key file permissions NOT the effective permissions, this is misleading and could...
View ArticleFailure reasons eg: 2313 in ID 4625
HelloDo You have the list with descr of failure reasons eg. %%2313, %%2307... I've searched Net and nothing.. :(Mainly I see it in ID 4625.Thank you in advance for your help!Damiano
View ArticleInstalled KB4015547 and now KDC won't start
Morning All,I thought I would just give a heads up to anyone who experienced an issue after installing KB4015547.Background:3 DC's all requiring a restart after updates applied. 1 DC has failed some of...
View ArticleWindows Packet Filtering Issue.
Hello,I am using windows server 2012 r2 Standard Edition, in windows packet Filtering (WPF) it is blocking inbound connection which I can see in event log under that in the security audit log that the...
View ArticleClik here to view.
handshake failure, server hello missing
I am troubleshooting an application that fails to make a HTTPS connection from one machine (Windows Server 2012 (not R2)) but succeeds from all others.IE 10 on that machine also fails to connect but...
View ArticleDomain User cant ShutDown/Restart, only Logoff Option Available
im an administrator for my AD server, but somehow after some windows update, i faced issue with Non-Administrator user acc, user cant Shutdown/Restart on thier pc, the option is grey out, but only...
View ArticleClik here to view.
An extended error has occurred. Failed to save Local Policy Database.
Strange Error. I have a system running server 2012 r2 datacenter, as a development environment and workstation for my use.It is not running AD, and is not joined to the domain. It sits on its own...
View ArticlePKI Web Enrollment The RPC server is unavailable. 0x800706ba
Hi all,I'm a little stuck with this error.So my scenario is on Subordinate CA and a web server who has installed Web Enrolment. From mmc I can request certificates and install. From Web Enrollment page...
View ArticleDomain Laptop Cached User Credentials randomly no longer usable
These days, thanks to the pandemic, we have many users working on their laptops from home (connecting to the domain through VPN once they login). Extremely rarely (it's happened a handful of times in...
View ArticleRenewal Period for certificates
My question is by setting my renewal period on my certificate template to 2 weeks, how often does the certificate check for renewal? I don't want my certificate checking every two weeks if a renewal is...
View Article