The revocation function was unable to check revocation because the revocation...
Hi,I've got a problem akin to this one: http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/348a9b8d-8583-488c-9a96-42b892c4ae77unfortunately the solution provides there didn't...
View ArticleDeny List Folder persmissions
I have a simple SQL database which enables users to access specific files residing on a network location which will primarily consist of microsoft office documents.I wish to prevent the users from...
View ArticlePKI view , AIA and CDP locatiion for the RootCA has red crossover " unable to...
I am trying to create a PKI infrastructure on winserver2008R2 enterprise as followsoffline ROOT CA---StandaloneOnline Intermediate CA -- enterprise PROBLEM: on the intermediate CA: using enterprise PKI...
View ArticleGuest account with changing password
Hey all,So I would like to allow friends or others to be able to access files from IIS when I give them access. Im thinking the best way would be a system that would change the password every 6 hours...
View ArticlePKI 2012 R - How to Get Security Certificate via Autoenrollment from the CA...
Hello All,Thare 2 Active Directory sites in 1 domain.Site1 contains DC1 (domain controller), RootCA (enterprise root CA),SubCA1 (enterprise subordinate CA - issuing) and W701 Windows 7 laptop.Site2...
View ArticleDirectAccess easy-quick-short lab ?
Hi I'm learning for MCTS 70-642 exam and I’m trying to be hands-on in Direct Access. I'm using 2008R2 and Win7 VMs on VmWare. I did deploy DirectAccess at least 10 times. At every trial, I struggled a...
View ArticleADCS - Invalid AIA and CDP paths
Hello, I have a 2-tier PKI infrastructure; 1 offline stand-alone Root CA and 1 Enterprise Subordinate Issuing CA. Both are running Windows 2012 R2. The Issuing CA is a member of a WIndows 2008 R2 AD...
View ArticleNTFS permissions - Only access to folders created by the user himself
Hi, I once came by an TechNet article explaining how to set up the NTFS permission on a shared folder, so the users would have rights to create a subfolder, and then only have access to this folder,...
View ArticleCertificate issued by AD Certificate Services Expired and won't renew, how to...
Hi,One of our internal web sites certificates expired so it can't be renewedFrom the "Failed Request" folder:"A required certificate is not within it's validity period when verified..."So I need to...
View ArticleNew internal PKI - SHA-1 or SHA-256
Hi,I am just wondering what are the experience with SHA-256 on internal two-tiers PKI solution? Is there any new common applications or devices not supporting SHA-256? I have often used SHA-1 to get...
View ArticlePrevent Copying EAP-TLS Client Certificates To Multiple Devices?
We would like to switch from MSCHAP PEAP to EAP-TLS wireless for two reasons.The first reason is to eliminate dealing with expired password and troubleshooting wireless disconnections and account...
View ArticlePKI 2012 R2 - Subordinate Enterprise CA Receives Reduced Expiration Period in...
Hi All,The PKI infrastructure includes the following elements:All CAs are Windows Server 2012 R2 member servers.Online Enterprise Root CA: RootCA [RSA (4096 bit)].Enterprise Subordinate CA SubCA01 and...
View ArticleWhat triggers UAC
I have a server 2012 system we want to use for our desktop support personnel to run Active Directory User and Computers. We do not want them running it on their own desktop (pass the hash concerns),...
View ArticleAudit to ServicePrincipalName Change
Hi every:I have a consult about how I can Audit the change on attribute "ServicePrincipalName"? for example: Service/Server:port, change/update Service/Server, delete the port. or delete complete...
View ArticleCertutil -deleterow cert Access is denied
I'm having trouble running certutil -deleterow %date% cert command.I get an access is denied error. I am a CA Admin and have rights to do it. I ran the command prompt as administrator.The weird thing...
View ArticleMy Server is participating in an Exploitable chargen service attack
I have a small web server - Windows 2003. I was informed by some ISP that my server was participated in an Exploitable chargen service attack.I just wondering how my server was compromised. How can...
View ArticleClik here to view.
Server 2008 R2 security error 4625
HelloI'm hoping someone can help me or point me in the right direction. I have 2008 R2 machine running exchange and I keep getting the following error.An account failed to log on.Subject:Security ID:...
View ArticleHTTP port error
Not sure if this is the correct forum but I continue to get this error on my server:TCP - HTTP Port 80 FAILED on company\SERVER at Main for GET / HTTP/1.1\nHost: 127.0.0.1\n\n result 10.686 second...
View Articledecrypting the bitlocker in sd card
Hi Just because of my curiousity , i turned on my bitlocker in my sd card . To make the long story short , i really hate waiting so i plugged out my sd card during the process of encryption . thats...
View Article