Performance of queries against large AD CS databases - how to optimize?
I am asking experts with experience with AD CS databases with 100.000s or millions of certificate to confirm or correct my "theories".I am aware of these two articles that state performance is not an...
View ArticleMigrate enterprise CA from 2003 to 2012
HiI migrate root CA from 2003 to 2012. To verify i try enroll the cert but got the error id 13.i think the position <Data Name="CA">N/A</Data> can be the reason of this issue. The firewall...
View ArticleADCS - Auto enrollment for user certificate (with private keys)
Hello,I will deploy a WIFI architecture in my current network which will be configured with an NPS authentication and client certificate (private keys is required).In my lab, when I export manually my...
View Article401 - Unauthorized: Access is denied due to invalid credentials
After installing MSCEP, enter http://Server2008/certsrv/mscep_admin in the browser.Enter correct user name and password in pop-up box. Windows 2008 keeps rejecting the correct user name and password....
View ArticleCertificate Enrollment Problem
I have a Windows Server 2008 Enterprise Root CA with a different Windows 2008 Server running the Cert Enrollment website (ussing SSL). Any certificate that I attempt to request (Vista or XP) results...
View ArticleBitlocker autounlock
Hi,I have a fresh new domain controller running a Windows Server 2012 R2 machine running as an Hyper-V guest. I want to encrypt a fixed data drive using BitLocker, but that drive must auto-unlock...
View ArticleBackup Windows 8 bitlocker key to Windows Server 2012/ 2012 R2 AD
Hi,My environment has 20 new clients laptop (without TPM chip) install with Windows 8 and plan to enable bitlocker and backup bitlocker key to AD for recovery purpose.May i know how to do this, since...
View ArticleResource-based constrained delegation in real world
Hi allI have a very simple scenario: web server + back-end server with serviceThe web server (Application Pool Account) and back-end service both running under AD account. Using standard delegation...
View ArticleUnsolicited contact from Windows 'call centre'.
I received an email ( which Windows LiveMail highlighted in red) which was automatically deleted. The following day I received three phone calls, purporting to be from Windows, which sounded like a...
View ArticleWindows Server 2012 R2 "The password is incorrect. Try again."
Hi,I tried to login to my Windows Server 2012 R2 and I got this message "The password is incorrect. Try again." Although the username and password are absolutely correct.Any thoughts. Thanks.
View ArticleWindows 2008 R2 AD CS enterprise and stanalone ca for AD user certificate
Hi,We are running Windows server 2008 R2 Active directory domain. Planning to implement single sign on solution for an application. However, all of our clients are running Mac and they do not join to...
View ArticleRecover private key for a webserver certificate that was issued to a server...
Environment: Sub/Issuing CA is Windows Server 2008 Ent R2 in Forest AFew years ago, A web certificate was requested from forest B using enrollment web site https://web.foresta.org/certsrv. The cert was...
View Articlehow to give permisson AD user to login server
hi i have 2008 server i plant to give one AD user to login our company server but he do not has administrator rights i must give one user to login our server without admin rights.i try to give this...
View ArticleActive Directory Certificate Services could not use the provider specified in...
Recently on my Home Server 2011, three important services have been failing to run: Windows Server Addins Infrastructure Service, Windows Server Identity Management Service, Windows Server Server...
View ArticleADCS sessions
In ADCS on Windows 2008R2 we are getting " An attempt was made to open a Certification Authority database session, but there are already too many active sessions" on a request...
View Article2k8R2 StandAlone RootCA requires presence of Domain Controller after migrated...
Hello: Setup: Previous CA: 2k3Server, Ent. The certification authority is a Standalone Root CA. Actual CA: 2k8 r2 Server, Ent. This certification authority is migrated from the "Previous CA". I have...
View ArticleHow to determine the source computer\device causing an account lockout?
Hi Folks,I'm having a problem with a user's account being locked out about once per day. This user is my boss's boss, so the pressure to find a solution is somewhat higher than normal.We are currently...
View ArticleWindows Server 2008 R2 - Offline Root CA published to Intermediate Store...
I have a 2008 Server R2 setup on which I am configuring Auto Enrollment. I am using an External CA for issuing certs. While issuing a computer certificate from a template, Root CA cert is getting...
View ArticleMoving AD Certificate Services
I've inherited an AD environment with two CA servers. The original CA is on a server that we are trying to permanently retire. It appears that in the past someone had tried to install a new CA and...
View ArticleAn error occurred while applying security information to: c:\boot,...
Hi,I am using an administrator account to change the permission setting in the c:\ drive of my w2k8 x64 server.Every time I try edit a permission (read, write, read & execute..... anything), I got...
View Article