Bug in Authentication Policies (R2 feature)
It's possible to delete an Authentication Policy (R2), even if it is applied by an Authentication Silo. Resulting in unexpected results or an ADAC crash... probably a bug?
View ArticleAudit failure every 2 minutes on a W2K8 standalone Server in a Workgroup...
HelloBy chance I discovered that every 2 minutes there is a login failure on my standalone (Workgroup) W2K8 R2 Server.The administrator is disabled (login errors also appear when administrator user is...
View ArticleActive Directory Certificate Services
Hi there, we actually have a Windows Server 2008 SBS server running, And we wanted to make so clean-up into it. Actually there is the certlog located into : C:\Windows\System32\winevt\Logs...
View ArticleStand Alone vs. Enterprise Certifcate Authority
Hello, we need to build a certificate authority for our signle domain. We have a few applications running on several VMs that need an SSL certificate to do away with the untrusted warning when browsing...
View ArticleClik here to view.
Adding permissions "NT Service\mpssvc" not working - the account is not...
Hi all,i have a problem with the firewall-service on a Windows 2008 Std SP2. The firewall service does not start. Access denied problem. I can see that on some registry-keys the permissions for the "NT...
View ArticleSCServ.exe created automatically in program files
we have few windows 2008 r2 servers where SCServ.exe is getting created automatically in program files root folder and consuming high CPU . please let me know if this is microsoft owned one .
View ArticleWhy does SmartCard authentication require two attempts per rdp connection?
When connecting from a Windows 7 desktop to a Windows 2008 R2 server via rdp (mstsc -v /server) the 2k8 server sees my inserted smartcard and prompts me for a PIN. After entering the PIN the server...
View ArticleUpgrade CA to Server with different hostname
Good Afternoon.I am planning on migrating my current 1 tier CA to another VM and using a 2 tier PKI configuration. The current CA is running on a DC/GC that also has NPS installed on it for Wireless...
View ArticleClik here to view.
BitLocker - no information in AD
Hello,We have Windows 2012 Domain Controllers. Domain level is 2012. Backup to AD is enabled through GPO.It is not backing it up. Any ideas?Thank you.
View ArticleClik here to view.
Windows 2008 R2 - Multiple Vendor DNS Query ID Field Prediction Cache Poisoning
Hi GuysRecently we had our audit report last month, one of the finding make me confused, we has one item call "Multiple Vendor DNS Query ID Field Prediction Cache Poisoning " in risk level is high. I...
View ArticleHow does Windows or IIS protect a certificate or it's private key?
My question is of a basic nature. And I think that it boils down to constraining file system and registry access. But would like to have that confirmed by someone who has Windows experience. In general...
View ArticleErroneous error: Unable to update the password. The value provided for the...
I am unable to use Ctrl+Alt+Del, Change password to change my user password whilst logged onto a Win 7 Pro machine with a Domain Admins account, authenticating on a Windows Serer 2008 domain controller...
View ArticleLimit the number of nested folders level
Hi,Thank you for your patience and assistance.Our organisation would like to control the number of nested folders in our shared drive but yet at the same time be able to allow end users to create...
View ArticleWhat comes after ISA
We're currently running ISA 2003. It does the job very well, but I'm aware we probably need to upgrade to one of the latest products. MS seem to have done their usual trick of confusing their product...
View ArticleSequential Certificate Serial Numbers using Windows 2008 R2
It appears that Windows Server 2003 Certificate Services supports sequential certificate serial numbers. This was an undocumented feature that could be turned on using the certutil command or...
View ArticlePublish User Cert to AD after the fact
Hello all!I was wondering if its possible to have the CA attempt to re-publish certs to AD after the fact (cert was already issued and an attempt was made to publish but failed) ?Background - We didnt...
View ArticleEvent Log for Adding/Removing Roles/Features
Hello, I was tasked with auditing the server logs, and I need to find out who/when installed/removed server roles/features. Does anyone know which Log/Source/ID's I should be searching for? Thanks in...
View ArticleTrusted Domain Root CA
We have several trusted domains within our organization and need to deploy computer certificates for RADIUS authentication. The CA has been setup on our primary domain and can issue certificates via...
View ArticleStorage of certs in Enterprise CA
Hello We are looking at an Enterprise CA (Windows 2008 R2) within our environment to provide authentication certificates to remote users.We will have an application server that generates a CSR on...
View ArticleQuestion on losing Issuing CA
HiExample scenario - we have an Enterprise PKI, Windows 2008 R2, with a Root CA (offline) and multiple Subordinate CA's that issue the certs. The certificates in this example are authentication certs...
View Article