What comes after ISA
We're currently running ISA 2003. It does the job very well, but I'm aware we probably need to upgrade to one of the latest products. MS seem to have done their usual trick of confusing their product...
View ArticleLDAP over SSL on Windows 2012R2 Server DCs - TLS 1.2 not working
Hi there,We've upgraded our DCs from 2008 R2 to 2012 R2.After moving the Enterprise CA from 2008 R2 to 2012 R2 domain controller (same IP, same hostname) according to this guide:...
View ArticleClik here to view.
Recover deleted SLL certificate in store
Hi, How do I recover the deleted certificate in IIS? I am trying to re-complete the certificate request but its not working Seems that the request completion is once only any workaround?thanks
View ArticleHundreds of Audit Failure Event 4776 logged by unknown users
Hi,My DC is reporting thousand of Event ID 4776 every 30seconds. The computer attempted to validate the credentials for an account.Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0Logon...
View ArticleError 403.7.5 after setting up Client Certificate in IIS 7.5
Hi Team,I am facing the below problem: Requirement :- I have a web service running on IIS 7.5 under mutual SSL and this should purely be used for authentication. I want the client server(s) to be able...
View ArticleMicrosoft Windows Unquoted Service Path Enumeration.
I seek for your advice in a security issue and how to mitigate this high risk vulnerability.Microsoft Windows Unquoted Service Path Enumeration.Microsoft Windows Unquoted Service Path...
View Article401 - Unauthorized: Access is denied due to invalid credentials
After installing MSCEP, enter http://Server2008/certsrv/mscep_admin in the browser.Enter correct user name and password in pop-up box. Windows 2008 keeps rejecting the correct user name and password....
View ArticleReplace V3 Cert with V2 Cert
2008 R2 CA, a certificate template was created and issued at V3 (Windows 2008 R2 Enterprise) so all clients have this certificate auto-enrolled.It turns out a V3 certificate is no use for what we need...
View ArticleDNS Amplification Attacks
With regards to Windows Servers, and the DNS Service operating on them. I'm absolutely surprised that this still is on-going within the DNS Service and doesn't allow anything but to simply disable...
View ArticleSchannel. Event ID 36886, 36887.
Hi! After installing ADCS I've got warnings on both domain controllers (Win 2008 R2):Event ID :- 36886 Source :- Schannel Description :- No suitable default server credential exists on this system....
View ArticleError in windows server 2008 r2
1. The Security System has received an authentication request that could not be decoded. The request has failed.EVENT ID 409682.The application-specific permission settings do not grant Local...
View ArticleUnable to authenticate using wired 802.1x
Hello,We have a system with a lot of OS hardening, and Im at my wits end about this:My cisco-switch authenticates fine over radius.My win7 client which is NOT domain-connected(RDP-klient only) is...
View ArticleCertificate Auhtority Post Migration Issue - URGENT
Hi,two days a go I migrated our CA from 2003R2 to 2008R2. the server name of the destination is different than the server name of the source. I followed all the steps that I knew of and matched them...
View ArticlePublish New Certificate Revocation List (CRL) from Offline Root CA to sub CA
CRL on offline Root CA is expiring soon. Since this is standalone offline Root CA, CRL need to be published manually and copied to subordinate CA's. Could you please let me know the procedure to...
View ArticleClik here to view.
Cannot sort in file/folder access control list in 8 or Server 2012
I use Windows 8 and Server 2012 Datacenter (with GUI). In 7/2008R2, I was formerly able to get properties on a file or folder, go to Security tab, click Advanced, and sort the access control list by...
View Articlecertificate authority server
Hi,I am using 2 servers windows 2008, one for Root certificate and another for subordinate certificate.I want to move the rott certificate to an Domain controler Server and iliminate the current one.I...
View ArticleBranchCache Third-Pary SSL Certificate
Can a third-party SSL server or wildcard certificate be used for BranchCache? If so, what would be the procedure for installing either cert on a hosted cache server and client?Hosted cache server =...
View ArticleEvent ID 13 enrolling DC Cert
I recently migrated our network from 2 W2003 DC's to 2 W2008 DC's, these are new servers, not in place upgrades. I installed AD CA on one of the DC's, and have since also installed it on the second...
View ArticleHow personal certificates (pfx) can follow users when they log on to...
Hello...I have all computers (XP) in domain. Our users works on diferrent computer each day and they need their personal certificate (pfx) on the computer when they log on. I'm the begginer in...
View ArticleDisabling DeltaCRL - transition issues?
Disabling DeltaCRL - transition issues? When disabling DeltaCRL on a CA, will clients with already cached BaseCRL have issues (since there will be no more deltas published) until the BaseCRL expires...
View Article