Issues opening attachments
All of my users cannot open attachments receiving through outlook. The attachments are showing corrupted when try to open or save. I have windows server 2008 r2 serving as the domain server. I am not...
View ArticleMimikatz hack tool dump pass from memory
Hi there,Is there some way to protect WinOS against this tool: http://blog.gentilkiwi.com/mimikatz (Sorry this is in french but the first print screen is relevant...)According to the author (no NTLM,...
View Articlesteps to renew root, subordinate, and issuing CA certificate authority in...
Hello Experts, We do have a PKI infraestructure in place running Windows 2008 R2, AD Forest/Domain functional level are Windows 2008 R2. All DCs, and certificates servers are Hyper V VMs running...
View ArticleSome User's certificates are not published in AD while most of them are
Hi,I've setup a CA which delivers Exchange Certificates to allow sign & crypt e-mails. Roaming Credentials have been setup on my domain (multiple user connections over multiple sites with distinct...
View ArticleServer 2012/2012 R2 special groups
Hi,When we are browsing through the local policy, we noticed that there are some special groups,1) Windows Manager Group2) NT Service\All Services3) wdiservicehostWe would like to clarify with you guys...
View ArticleSmartcard certificate propagation only works as Administrator
We have 2 terminal servers in our team, which are members of a domain. I am just the admin of these 2 servers, but not the domain admin.Our company uses smartcards for login and mail en- /decryption...
View ArticleBest way to provent someone stealing password Hashes..?
Hey everyone,I am doing some research on finding the best way to prevent someone with access to our network getting Active Directory password Hashes. Specifically, are there any legacy group policy's...
View ArticleEvent ID 36887, Schannel 45
Hi,I've been noticing the following in the Event Log:Event 36887, SchannelThe following fatal alert was received: 45 Log Name - SystemSource - SchannelEvent ID - 36887Level - ErrorUser - SystemOpCode:...
View ArticleCertificate Validity Period Question
I work for a foster care organization and cant decide on how long we should have our Validity period last. These certificates will be used for digitally signing word docs. The problem im running into...
View ArticleCertification Authority
We installed the Certification Authority service on a 2008 server. How do we issue a certificate to a user to allow them to digitally sign Excel and Word documents? When I try to sign a document...
View ArticleUnderstanding file security model (or Why Can't I Access That File??)
I'll try to provide a simple example of something I find perplexing:Folder_1 has access rights which include full access to the Administrators group.I'm logged in as User_A which is a member of the...
View ArticleAutomatically publish the CRL via HTTP
Hello,My question ishow can Iautomatically publishthe CRLto a resourcelocatedon another serverandmappedto IIS,whichexposesthis listvia HTTP?Currently, the listis publishedby the...
View ArticleWhy is "Authenticated Users" in the local Users group by default?
This has been bugging me for as long as I can remember:By default, "Authenticated Users" is a member of the local Users group on all Windows Servers (2003/2008/2012).My colleagues, and I, agree that...
View ArticleClik here to view.
What are the default MSMQ private queue permissions on Windows 2008 Server
I have installed MSMQ on a publicly hosted standalone Windows 2008 Server (workgroup), already running IIS 7.0 and a number of .NET websites. I've created a private transactional queue named...
View Article401 - Unauthorized: Access is denied due to invalid credentials
After installing MSCEP, enter http://Server2008/certsrv/mscep_admin in the browser.Enter correct user name and password in pop-up box. Windows 2008 keeps rejecting the correct user name and password....
View ArticleClik here to view.
Windows 2008 R2 - Multiple Vendor DNS Query ID Field Prediction Cache Poisoning
Hi GuysRecently we had our audit report last month, one of the finding make me confused, we has one item call "Multiple Vendor DNS Query ID Field Prediction Cache Poisoning " in risk level is high. I...
View ArticleLDAP / SSL - CA for Domain Controllers
Hello, Current environment:Single forest domain both internal and external domain as abs-qx.comWindows server 2008 R2 Enterprise Primary domain controller which has all the FSMO Roles and NTP server...
View ArticleCertificate Validity Period Question
I work for a foster care organization and cant decide on how long we should have our Validity period last. These certificates will be used for digitally signing word docs. The problem im running into...
View ArticleRecommended Registry Settings for Disabling Weak Ciphers are not working?
This issue is killing me, but for some reason even though I've followed the MS KB articles and am sure that the reg keys are set correctly I'm still failing PCI tests due to weak SSL 3.0 and TLS 1.0...
View Articlecertification authority - Migration
Hellopeople,I have acertification authorityinstalled on myDC.I need tomigrate thiscertification authoritytoanotherserver withjust this functionand removetheDC.How can Ido thissafely, without...
View Article