Workstations being Issued incorrect SUB CA templates
Hi ThereI current have two Sub Ca with the below templates assigned to it.Sub1 – Web, Workstation Sub2 – WorkstationThe issue I’m having is, when a new workstation is added to the domain, it randomly...
View ArticleRequire Smart Card
Is there a way to require Smart Card logon on the user level, whereby we can require a specific user to login with a Smart Card to no matter which computer he tries to logon, while at the same time...
View ArticleFirewall ports
HiI have a few DC, 3 of 5 of them also do CIFS shares.I have a windows client in a Secure VLAN, I wanted to know what ports do I allow (W7 client) to allow for authenticationThis KB...
View ArticleEncountering Error message
I am getting below error message while backing up private key in Root CA:Windows cannot back up one or more private keys because the CSP does not support key export. Do you want to continue and backup...
View ArticleWorkstation login failures not being logged on domain controller
For some reason our domain controllers (2008 R2) are not logging failed logon attempts from users on workstations. The 4625 event ID will get logged on the workstation but not on the DC. Account...
View ArticleDo i need to be a technology expert in order to secure it?
Hello Everyone,I received an offer from one of the top oil & gas employers in the gulf region. I will be responsible for server & desktop systems hardening, network security hardnening, and...
View ArticleCertificate key usage in standalone CA
I have a problem with a standalone sub CA. Certificate must be able to sign Outlook mails, encrypt them and sign Word documents, so in certqtp.inc I've changed rgAvailReqTypes parametr for my...
View ArticleIssuing Printer Certificates
Hey,I've rolled out port security for windows workstations and now I'm working on other devices, primarily Lexmark printers (using Certificates). Can someone explain to how I can issue a certificate to...
View ArticleUnable to start Certificate Services, "Keyset does not exist".
Hello All,Not sure how this happened, but my CA is pooched. I'm running Windows Small Business Server 2003, SP2. Certificate Services appears to start, then stops with the following error in the...
View Articlecertificate error
I am getting a certificate error when logging on to my external firewall device. This CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certification...
View ArticleCreating limited admin account
Hello,We are using Win2008R2 Std Active Directory and I would like to create a new group for new IT starters. They will need access to join computers to the domain, install software on domain...
View ArticleEvent 528 / 538 Logon type 2 occurs on a 2003 server with no keyboard,...
Among other servers, I have a couple of 2003 Standard servers (non-DC).Tracking the security log I see events 582 and 582 occurring at the same time + the logon type is 2. however the server has no...
View ArticleCertification Authority
We installed the Certification Authority service on a 2008 server. How do we issue a certificate to a user to allow them to digitally sign Excel and Word documents? When I try to sign a document...
View Articleserver 2008 audit logon events locally
Hi, to the best of my knowledge the logon events for any server are logged in the event viewer only on the it's perspective DC.I want to be able to see logon events that are generated from a local user...
View ArticlePKI Certificates on non trusted domain machine
Hi,To setup a distribution and management point for System Center Configuration Manager.We have created some Certificate Templates on the CA in DOMAINA1 is a web server based templated with Supply...
View ArticleIssuing certificates for user and clients from different forest/domain
Hello,at first I would like to say that I have made some researches on this forum and in the Internet overall.I have AD Forest with ~10 sites all over the Europe, DFL and FFL is 2008 R2, right now we...
View ArticleTrusted Root Certificate Error
I have a web server in a different domain. Firewalls are open. I took the machine certificate from Domain A and installed it on Domain B client. I want to access Domain A's website. I added the domain...
View ArticleCA Cluster Server 2012
Hi!!! I configured a CA in Windows Server 2012 Cluster and it is working!! However CAServerName registry entry show the name of one of the nodes. This parameter should be change to name of...
View ArticleWindows Server 2008 - Problem on Active Directory Users and Computers
Currently, our office server is installed with Windows Server 2008, which is facing a problem entering the "Active Directory Users and Computers" It always prompt the error message below and we are...
View ArticleHome Folder Permissions
I need to move all of my User's Home Folders to another server that will be running Windows Server 2013 R2 Standard. The reason for this is capacity on the current server is low.I am trying to...
View Article