Account Lockout - Reset account lockout counter after
Hi Expert,Would you know any disadvantages if we set the Account Lockout Policy - Reset account lockout counter after to longer value e.g. 24 hours or maximum of 99,999 minutes.?Regards,Jhun
View ArticleIntermediate Certificate Authorities
Hi, i need to import a set of certificates coming from our global partner but the problem is, these certificates should be stored in "Intermediate Certificates Authorities" but the problem is our DC is...
View Articlecertificate enrollment via web && without installation
Certificate Enrollment API and Cryptography API provided by Microsoft enables us to programmatically apply a certificate and install it on local machine.After referring to the sample code...
View Articleneed workstation authenticate certificate from CA on machines in other domains.
We are configuring Https in config manager 2012.We have created the 3 certificates required.ConfigManager CLient : based on workstation authenticaton template, instructions dont specify supply subject...
View ArticleCan you configure a static port to use with certsrv.msc?
I am trying to use certsrv.msc to connect from my workstation to the CA for administration purposes. Workstation is Win7, CA is 2008 R2 Enterprise running Enterprise Subordinate on a dedicated box.I...
View Article"windows cannot back one or more private keys because the CSP does not...
Hi all; When I want to backup my CA database and private key, the following error message appears: windows cannot back one or more private keys because the CSP does not support key export. Do you want...
View ArticleClik here to view.
Unable to back up CA because private keys are not exportable
We have a single CA server in a domain that was upgrade to Windows Server 2012 last year, and this year we're looking to replace it with a Windows Server 2012 R2 server.However, in the process of...
View ArticleComputer Certificate Auto Renewal
I have a Cert Authority running on Windows 2003. I have clients running Windows 7. We do not have any Automatic Certificate Request setting configured for any template.There are lot of server Windows...
View ArticleMy Server is participating in an Exploitable chargen service attack
I have a small web server - Windows 2003. I was informed by some ISP that my server was participated in an Exploitable chargen service attack.I just wondering how my server was compromised. How can...
View ArticleClik here to view.
Access Denied for EFS File
I've been dealing with a very annoying problem with EFS for the past two day. I've hit a brick wall so I hope someone can help me figure this out. I have an Enterprise CA setup in my environment and...
View ArticleMigrate Active Directory Certificate Services Root and Subordinate, which first
I am working on a project to upgrade / migrate my 2008 R2 CA to 2012. I have a Enterprise Root CA and a Subordinate CA. I am following the standard migration plan of standing up 2 new servers and...
View ArticleIE cannot display the webpage
Recently we have moved our site from a windows 2008 server to a windows 2012 server. We have a wild card 2048bit certificate from comodo that has sha1 signature hash algorithm.The site is working at...
View ArticleADCS - Invalid AIA and CDP paths
Hello, I have a 2-tier PKI infrastructure; 1 offline stand-alone Root CA and 1 Enterprise Subordinate Issuing CA. Both are running Windows 2012 R2. The Issuing CA is a member of a WIndows 2008 R2 AD...
View ArticleKerberos Encrytion Types 2k3 to 2k8r2 problems after migration.
server 2k8r2 is not allowing a unix box to authenticate unless it sends;•aes256-cts-hmac-sha1-96 •aes128-cts-hmac-sha1-96• des3-cbc-sha1 • rc4-hmac des-cbc-crc • des-cbc-md5 • des-cbc-md4in the...
View ArticleIIS 8 Wont Trust Windows 2012 Root CA Cert
I can't figure out why my IIS 8 website trusts my Windows 2003 root CA but not the Windows 2012 root CA. Both roots are installed in the trusted root store, but the server behaves as if the new CA...
View ArticleWindows Firewall Local Principals
Hello,First of all does any one have a link that explains usage for the new "Local Principals" tab in Windows 2012 R2 Windows Firewall?Secondly, i have setup an Windows 2012 R2 RDS server. Then i have...
View ArticleVersatile (multiprotocol) VPN on 2008 R2 server
Hi, I tried to get a clear and hands-on understanding of the following concepts : VPN, EAP, NPS, RADIUS, PKI, IPSEC, Certificates. Then, I decided to put them together and to use some examples found...
View ArticleWindows Server 2003 SP2 End of Life
When will security patches stop being released for Windows Server 2003 SP2?
View ArticleWindows 2008 R2, Internet Information Services: Changing security settings to...
Hello, I would like to ask if somebody's there who could help me: I am a PHP developer from Stuttgart, Germany. In my PHP web application I want to edit text files by using PHP code.These...
View ArticleClik here to view.
revoked subCA PKIView error
Hi all,I have 2 tiers PKI hioricky as below:Offline RootCA=RootCAOld SubCA=Hyperv1New SubCA=DCSo what I did can be summarized as below:1. build a new SubCA server called DC2. submit the new SubCA...
View Article