Windows Server 2008 R2 Certificate Authority dependency on Active Directory...
Hi, We are planning to upgrade our Active Directory environment from Windows server 2008 R2 to Windows Server 2012 along with Active Directory but Domain and Forest funtional level would remain...
View ArticleCommand Line Tool to map AD User Accounts to Certificates
I there a command line tool that allows you to map a AD User Account to a Certificate...other than Power Shell? Something omitted from dsadd?
View ArticleAuto-enrollment certificate without enroll Permission
I am Domain Admin of a company. We implement Active Directory Certificate Services in our company for email signature and encryption. Because we have more than 1000 users in our company, we want to...
View ArticleW2k3 Auth failed with KRB5KDC_ERR_ETYPE_NOSUPP when using DES
We are authenticating users on AD server 2k3, and the users are setup in AD to use DES (checked "Use DES encryption types for this account" in user properties).It failed somehow with ETYPE_NOSUPP. From...
View ArticleDoes the uulnerability in KB329308 apply to Windows 2008 R2
I have been asked by my security team to deal with the vulnerability described in KB329308 on some Windows 2008 R2 servers. Windows 2008 R2 is not listed in the affected operating systems.Does the...
View ArticleServer Passwords vs Office Passwords
I have been told that MS Office passwords are easy to hack. I need to know if Server passwords, namely 2008 R2, are as easily hacked? I am not looking for a technical answer, just something like:...
View ArticleIPsec main mode negotiation failed - Failure reason: No policy configured
Lab setup: Windows Server 2008RC2 running CA, DC, NDES roles. Client: Embedded Linux device with strongSwan 5.1.1 and openssl. I have successfully configured NDES and SCEP, and enrolled a machine...
View Articlektpass usage and mapuser option
i just want to find out what the purpose of mapping a user to a service using ktpass is. For example i am on windows and i run ktpass like thisktpass -out <keytab location> -princ...
View ArticleSite Certificate
Hello EveryoneI have a domain controller running on Windows Server 2008I have also a webmail which is not certified ( https://www.asiasat.tv:2096 )i need all my users in the domain to pass the...
View ArticleActive Directory Rights Management Services
If a legitimate user sends a right protected file to a malicious user then, the receiver receives a .rpmsg file which is encrypted. The question is, " Can anyone Brute force and open the file "..?Thanks
View ArticleBroadband router for satellite broadband that allows use of SSTP VPN ?
I have satellite broadband (AVANTI).I wish to purchase a wireless cable router, but this needs to allow use of an SSTP-based VPN that I use to access a work intranet remotely.What do I need to look for...
View ArticleADFS SSL Certificates
I am trying to setup a SSO solution using Active Directory Federation Services 2.0, and I am having trouble with the security certificates.I have my ADFS server and my ADFS proxy server running on...
View ArticleS/MIME Certs for Outlook
Morning!My question is what Windows CA templates would you use to generate a cert for S/MIME encryption in Outlook? Having hard time finding a straight answer to this as I would like to create a...
View ArticleADSF Internal Server Certificate - Internal CA PKI Cert or Public 3rd party?
Hi,We're setting up an ADFS-server for internal use initially. If we ever decide to use this as a trust to Another Company or to Office 365 - will we need to change the certificate to a 3rd party...
View ArticleCisco ISE and NDES?
Wanting to use Cisco ICE in front of Windows Server 2012 or R2 NDES. The following article states that NDES should NOT be clustered or load balanced and setting a single password is not...
View ArticleUsefullness of Certification Authority Web Enrollment?
If a deployment has Certificate Enrollment Web Service andCertificate Enrollment Policy Web Service installed is there still a need forCertification Authority Web Enrollment? This Windows Server 2012...
View ArticleProblem Getting Log on Screen to Appear
I'm a student who is working at a company for placement. They have given me a server to play around with and told me to install Windows Server 2012 R2 Standard Edition. I had installed it and set up a...
View ArticleMS11-061 still vulnerable after patch applied
I have a Windows 2008 R2 Server serving as an RDS gateway. We also use Qualys to do vulnerability scanning. Qualys is still reporting: Microsoft Windows Remote Desktop Web Access Elevation of...
View ArticlePublishing CDP/AIA/OCSP to DMZ web server?
I am considering placing two load balanced Windows Server 2010 R2 non-domain joined web servers in the DMZ for external AIA/CDP and OCSP revocation. I was wondering if there is a good write up about...
View ArticleCreating a security group for S/Mime cert auto-enrolment
We currently have auto-enrolment rights for an Exchange User cert granted to Domain Users. In our environment this is generating more than 50,000 failed requests each week by service accounts which...
View Article