CertificateServicesClient-AutoEnrollment Events 13 and 6
Hello NG,We have some strange error messages on our second domain controller (application event log):Event 6:Bei der automatischen Zertifikatregistrierung für lokales System ist ein Fehler aufgetreten...
View ArticlePassword days reset?
Last year the password minimum password age was removed to accommodate an application roll out, and now we would like to get it back to 90 days. If I set it to 90 days, then I suspect most users will...
View ArticleNewbie Question On Root CA Backup With An HSM (General Question)
I am wanting to better understand the backup and restore process (in principle at least, without specifics) for a root or intermediate CA with a HSM.I do understand that if the CA does not have a HSM...
View ArticleHow to generate a Certificate
I cloned a server and made some changes to the server that was needed. The only problem I face is the certificate the new server has is a clone of the old one. How can I remove that old certificate...
View ArticleSecurity checks for my web applications
Hello together,I have a very special question. I just want to collect information, to learn, to get knowhow:I want to know how I could improve the security of the websites I developed and of those I...
View ArticleSSL Certificate Issues in Windows Server 2003
I have a 2003 R2 SP2 Standard server. I have a certificate issued by a trusted CA. The certificate opens and displays the "The integrity of this certificate cannot be guaranteed. The certificate may be...
View ArticleWindows 2003 ACL
Hi,Need answer to this question ASAP!I have a folder 'abc', 4 level down from the root level and getting inherited rights from the root level. Lets say 5 groups and 2 users.I would like to remove 3...
View ArticleSAM enumeration on Windows Server 2008 Domain Controllers
I've seen some other threads on this, but basically I am getting a result back from a Qualys scan that is saying that it can see a remote user list using NetBIOS and also it has Null Session NetBIOS...
View ArticleClik here to view.
CAPolicy.inf how to add "more info"
HelloI am trying to create CAPolicy.inf for my root CA to include Issuer Statement. On servers 2003 and 2008 this is not an issue. (I never sow that option)But on server 2012 Issuer Statement opening...
View ArticlePossible Kerberos bug in Server 2003 R2 x86 SP2 - client time (ctime) is random
Hello. I'm trying to get a stand-alone Windows 2003 R2 system to authenticate users against an MIT Kerberos V5 (v1.10) server. I've set up the host principal on the KDC, used ksetup on the Windows...
View ArticleRisks associated with Single forest single domain infra
Dear All ,We have setup an active dir infra with single domain and single forest (FSMO) , just curious to know why this setup is usually not recommended ?throw ur views
View ArticleResilent CA
Hi Guys and Gals,I have a single enterprise CA Server 2012 Ent, and I want to make it resilient.I am using VMWare, and shared disk is not supported (and it makes backups impossible via VCB), so I am...
View Articlesecurity compliance manager import to scap scanners
security compliance manager has some export features which I wonder if you can import into automated scanners to check the system for compliance to the template. Any ideas on what tools can use the...
View ArticleAutoenrollment of user certificates
Can someone confirm please? am I right in thinking that auto enrollment of user certificates in Windows 2003 Std CA is NOT supported? I believe its only supported in 2003 Ent.
View ArticleAccount Lockout: WHERE it comes from?
Greetings, We are suffering from several users account lockouts on our domain, and we cannot find a solution.I've read most of the usually linked threads about this, such as this one, this one or this...
View ArticleBest Pratictice Root CA and Subordinate CA - 802.1x
Hi everybody, I would like some tips about create a CA High Available for 802.1xI had a Root CA and now have installed a Subordinate CA from this Root CA.Is there any step after installing the...
View ArticleKerberos Constrained Delegation (KCB) and Read Only DCs (RODC)
gday all,We have configured a RODC in our DMZ as per the Microsoft Whitepaper.http://technet.microsoft.com/en-us/library/dd728035(v=ws.10).aspx We have a TMG server in our DMZ that is joined to the...
View Articleshared folder can be seen by network uers, have anabled ABE
HI,I have a number of shared folders i.e. sales, i only want the sales team to be able to see this folder and not others. I have enabled ABE and given access to the sales team only. However all users...
View Articlewindows server 2008 r2 http port
Hiwhat is the default http port for windows server 2008 r2.Might be a basic question, but Im not a admin!TnxSaif
View ArticleUsing Shibboleth with MS Exchange 2010
Hi folksI'm looking into the feasibility of using Shibboleth to assist in federating my Exchange and Sharepoint services with the University I work at.Effectively I'm after a Single Sign On experience...
View Article