good way to consolidate directory servers for centralized authentiation
I wandered into a company that has a lot of data centers and servers. However, the methods of authentication are all over the place. There are several AD instances (different forests), LDAP servers and...
View ArticleMigrate Server 2008 Certificate Authority To New Server Different Host Name?
Our internal CA is installed on one of our Exchange servers. Exchange is being migrated from 2010 to 2013, so all current Exchange servers will decommissioned and replaced with new new Hyper-V VMs...
View ArticleSeveral removed Certification Authorities on network
Hi, I have found that previous Certification Authorities on network was deleted some time ago and now we are having some problems related to Certificates. I think that previous admins was not stick to...
View ArticleSmartCard logon in a multiforest environment
How can i configure a workstation to logon to a specific domain/forest ?1) i have two forests - one user forest(U) and one resource forest(R)2) workstation are part of R forest and user objects are...
View ArticleActive Directory certificate Services - High Availability
Hiwe have One windows 2012 Issuing CA on virtual server with HSMs . We would like to add another issuing CA to ensure high availability if the existing one fails. what is the recommended...
View Articleadvanced certificate request fails
Hello,I get the following error when requesting an advanced certificate request from the certificate authority's web service: http://server.domain/certsrv/en-US/certrqus.asp. I'm doing the request on...
View ArticleClik here to view.
windows 2012 r2 wscript and csript problem
While symantec was install . Symantec must be run script on the windows 2012 server. however the script does not work. How can i enabled the script host for script and wscript
View ArticleADCS does not want to start - Evend ID 100
Hello,I have a problem with my ADCS services, it doesn't want to start with error EVENT ID 100 :Active Directory Certificate Services did not start: Could not load or verify the current CA certificate....
View ArticleOdd template name in certutil -view
Hi,When I use the ecertutil -view command to dump certificates from my 2008 R2 CA I see a strange name string for the cerificate templates, this name does not show up in the CA Administrator console....
View ArticleADCS - Exchange 2010 Active Sync and certificate based authentification on...
Hello,I have a Exchange 2010 with ActiveSync enabled for the mobile device and I want to secure it with a certificate based authentification.This exchange is typically configured with one domain...
View Articledisjoint namespace two-tier PKI hierarchy same forest two different domain...
Here is the error that stopped us from going further.Error on Subordinate:<v:shapetype coordsize="21600,21600" filled="f" id="_x0000_t75" o:preferrelative="t" o:spt="75"...
View ArticleWindows Server 2000 Advanced - Administrator Password Reset/Recovery
I took over tech job for church that has Windows 2000 advanced server environment that has mirrored hard drives...Previous tech or person that installed server does not want to play nice with the...
View ArticleCreate a bunch of computer based certificates
Hi all,Is there a way to request certificates in where i can choose the subject name of the certificate?Lets say i want 100 certificates for Ipads, so Ipads can make VPN connection. Is it possible to...
View ArticleErrors using ICertView connection from Windows 7 to Server 2003 SP1
Hello! I have a RootCA on windows server 2003 SP1. I connect to certificate store remotely using ICertView interface from Certadm.dll to retrieve issued certificates. This scheme works fine from...
View ArticleLogon failure event 680, 529 but credentials are correct
A bit strange on one Windows 2003 server.Whenever I do a remote administration to the server such as connect from services.msc to this server remotely, doing a remote registry connection or doing an...
View ArticleMigrating ADCS document
Hello, The most recent Migration Guide for ADCS http://technet.microsoft.com/en-us/library/dn486797.aspxis in conflict with previous versions, e.g....
View ArticleNext CRL Publish Date
I have a simple scenario on my Enterprise Issuing CAs"CRL Validity = 15 days.I want the Next CRL publish to be on the 7th day rather than the 14th day which is only one day before the CRL expires to...
View ArticleWSUSSERVICE.EXE Path White Space Question
Our security scanner is reporting that two services installed on our Server 2012 server is a potential security risk. The two services are:WSUSService.exe - Path: %ProfileFiles%\Update...
View ArticleWindows Security Group
Morning \ Afternoon all - We have a Security Group for our support staff, called 'TechSupport'. If a member of the TechSupport group creates a directory on the file server (running Windows 2012), then...
View ArticleSecurity Logs
As local admin or domain admin that equipped the right to browse domain computer file remotely. Is there any log can track or audit such access?
View Article