Event ID 4724 in field Account Name record ComputerName
Sometimes, the security event register the computer name and not the username that change password. Somebody know why happen that?An attempt was made to change an account's password.Subject: Security...
View ArticleEvent 6, CertificateServicesClient-AutoEnrollment
I installed a new Root CA in for our internal/corporate network a few months back, set up certificate autoenrollment, verified that machines are getting automatically enrolled with new computer certs...
View ArticleClik here to view.
KB2845142 Setup Error (Bulletin ID MS13-052)
Hi,we are try to install windows server 2003 sp2 32 bit updates, its showing below error please help me Regards:Chandrasekhar
View ArticleRemoving a Subordinate CA
First some background:OS: Server 2008 R2 STDI have one Enterprise Root CA on SERVER1 (brand new, standalone server, no issues)I also have one subordinate CA on SERVER2SERVER2 is also a DCI would like...
View ArticleAll logins rejected
We have a network with two Windows 2008 Std servers acting as domain controllers. On "Server1" a newly minted system administrator didn't understand why two servers were appearing under "Domain...
View ArticleWhat are Comments and FIX Description value like from the result of "wmic...
I would like to identify patch class(critical update,security update,feature pack,etc) from the result of wmic qfe.Is there any way ?
View ArticleIIS Server 7.5 403 Forbidden Access Denied Error after submitting login Page
Hi All, Need help to resolve below error: 403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied. Getting this error once...
View ArticleClik here to view.
PEAP Certificate when using RADIUS Proxy
Hi,I need to use PEAP in the wireless environment. I am using Win2012 R2 for Radius proxy server and Radius servers.When I configure PEAP at first Radius server, I get the following message:I need to...
View ArticleHow to obtain PEAP certificate for RADIUS in a multiforest environment
Hi,The scenario is the following:2-tier PKI installed at ForestA. 1 stand-alone root CA and 1 enterprise subordinate CA. The servers are Windows 2012 R2. The domain and forest functional levels of...
View ArticleEvent 4674: "An operation was attempted on a privileged object" on Windows...
A while ago I enabled auditing on my WS2008 Servers and started noticing the following event repeating in the Securtiy log.Log Name: SecuritySource: Microsoft-Windows-Security-AuditingDate:...
View ArticleNTFS Permissions - Restricting Access- Users Cannot Rename
Hello.I have three different directories (COMMON/PRIVATE/USER) and subfolders underneath each:I have a security group (SG-Accounting) whose members have free reign under Common (Create/Delete/Rename),...
View ArticleFederation Services - Forms Based Login for non-Windows clients.
(I couldn't find a forum specifically for Federation Services - mods please move this if there is one)Hi,I'm looking for help on Federation Services 2.0 and using forms based login for internal clients...
View ArticleClik here to view.
Implementing AD CS Two Tier Hierarchy with DMZ publishing
Hi,I followed this guide:http://social.technet.microsoft.com/wiki/contents/articles/15037.ad-cs-step-by-step-guide-two-tier-pki-hierarchy-deployment.aspxI'm looking for an implementation with a DMZ and...
View ArticleGenerate SSL cert with stronger signature algorithm such as RSA-SHA 1 or SHA...
We have a Certificate Authority (Version: 5.2.3790.3959) configured on Windows 2003 R2 server in our environment. How do i generated SSL cert with stronger signature algorithm such as with SHA1 or...
View ArticleMicrosoft-Windows-Security-Auditing_4625_Logon_"An account failed to log on.
HiHow to grant the proper permissions to a user:A process is using a user name and password to log on, for making calls to other processes/applications.please see the Event log: KeywordsDate and...
View ArticleClik here to view.
Is it possible to change the hash algorithm when I renew the Root CA
My Root CA is installed on a Windows Server 2008. The Hash algorithm of Root CA in my environment is MD5. I would like to renew the Root CA and change the Hash algorithm to SHA1. Is it possible to...
View ArticleNew Microsoft PKI Whitepaper has been Released
Here’s a great new PKI whitepaper from Microsoft I contributed to prior to my departure. It hasn’t been widely publicized or distributed yet, but you can get it direct from Microsoft. Entitled...
View Article(how to) Server Active Directory intergration with SmartCard (CAC)...
As the title states, our agency is at a stand still when considering moving to AD. We currently run a Novel (edirectory) and Windows (Clients) network infrastructure. We have a lot of services...
View ArticleKRBTGT "Golden Ticket" and Authentication Services
Recently I was forwarded and article regarding how a "Golden Ticket" could be created that basically gave Administrator credentials to the DC and other Domain Assets via a specially (maliciously)...
View ArticleCountry field in the subject name using mmc enrollment
Hello.I'm running windows 2008 ADCS and i have the following issue:i can't get the C=country in the certificate [some other fields (o, ou) do not appear also]The setup is the following:* certificate...
View Article