Windows smart card certificate login with AD account mapping from trusted domain
We are trying to set up a CentralAD (windows2012) for our service with Outgoing external, not transitive trust to a few customer domains. The client computers are members in the CentralAD...
View ArticleStop Windows Firewall on Windows 2003 R2 : impacts ?
Hello, I would like to stop the Windows Firewall on my Windows 2003 R2 servers. I would like to knows the impacts of the change ? I already read that Windows Event Collector must be stopped... Regards,
View ArticlePKIview Snapin on 2012
Hi,Am doing my first Windows Server 2012 ADCS install and cannot seem to find the PKIview snapin (Enterprise PKI) that was in server manager in 2008 R2. Has this been removed? If so what is the...
View ArticleActive Directory account for autologon
Hello,I would like to start a discussion about following matter I have encountered. We have migrated a physical server to our VM enviroment in one of our data centers. Now I'm setting accounts, that...
View Articlelocal admin report
Good afternoon,First, i'm sorry for my bad english... I need a vbs script to list all the users with local admin rights in all my machines of the domain. I need execute this vbs script with a GPO or...
View ArticleADCS - ROOT CA domain member ?
Hello,I have installed a RootCA(Standalone) and SubCA(Enterprise) in my company and all its working well.But, I just see that is not recommended to have ROOTCA as domain member. How can I do to fix...
View Article"No Certificate Templates Could Be Found" - For Auth User
Hi All,Ihave a problem with my CA, i can ask a certificate for an administrator user with the web/certsrv and mmc console but for all auth users it's impossible.any Ideas ?Thanks :)
View ArticleAutoenrollment for User Certificates - Not showing in Personal store?
We have one Win 2008 R2 Enterprise CA. All Windows 7 clients. The CA was setup before I started. The GPO settings for Autoenrollment were already set up for both Computers and Users. The company...
View Articlepassword protect folders on terminal server environment
Hi,I know this question has been answered before but maybe i am going on a wrong direction with this:Situation:I have in my Windows 2008r2 network a group of public user accounts which can be used by...
View ArticleWindows 2012 Direct access ip-https certificates
I'm looking at setting up Windows 2012 Direct Access with a single adapter behind a NAT device.The query i have is over using a public/Third-party wildcart SSL cert on the DA server for ip-https.We...
View ArticleDisabling DeltaCRL - transition issues?
Disabling DeltaCRL - transition issues? When disabling DeltaCRL on a CA, will clients with already cached BaseCRL have issues (since there will be no more deltas published) until the BaseCRL expires...
View ArticleWindows Server 2012 CA: CDP location
Hello!All articles I ever read on CRL and CDP say a CDP can be hosted EITHERby 1) file share 2) http 3) ldap, for...
View ArticleCertificates - Cross Certificate
We have a 2003 Certificate Server. We wish to add a Windows 2012 Certificate Server to the same domain but preserve the Windows 2003 server for old existing certificates that are not compatible with...
View ArticleWindows 8.1 Certificate Renewal Error on AD CS 2008
Configuration: Windows Server 2008 Enterprise AD CS Root/intermediate, Domain Win 2008 R2, Windows 8.1 and Win 7 clientsWhen attempting to renew a email encryption certificate using the same key via...
View ArticleRe-enrollment issue
We are upgrading the clients to Windows 8.1 with SCCM 2012 and are experience a strange issue with users and computers certificates, the clients both consist of laptops, desktops and hybrids (Lenovo...
View ArticleHow to locate Malicious or unwanted scripts in a Server 2008 R2 install?
I am Managing two systems as part of a competition, Windows Server 2008 R2 and a Windows 7 Machine. The competition is the National Collegiate Cyber Defense Competition. Part of my issue is i normally...
View ArticleUnable to Export certificates as Personal Information Exchange - PKCS #12...
We are using Windows 2003 Certificate Authorities, and we are unable to Export certificates as .PFX, our only options are, DER encoded binary X.509 (.CER), Base-64 encoded X.509 (.CER), or...
View ArticleAD computer issued certificate & cloning process
All Windows workstations get autoenroll computer certificate.Obviously for the cloning process (that does involve mini sysprep) one would remove the certificate (so there is none in the image)Will the...
View ArticleCan the same IIS web server be used for Web Enrollment and AIA and CDP?
I'm designing a PKI for my company and will need a web server accessible from outside for doing web enrollment as well as for publishing CRLs and AIAs. Can this be the same server?Can anyone point me...
View ArticlePass-through authentication failing
The enviroment: Server A: Windows Server 2008 R2 / IIS 7 Server B: Windows Server 2003 R2 Domain Controller: Windows Server 2003 R2Both server A and B are part of the same domain.The issue: We have...
View Article