register spn for load balancer 3rd party object
hello there i'm trying to register spn for load balancer 3rd party object that i create in active directory in advanced to use it for kerberos authentocation for my backend iis's servers application i...
View ArticleApplocker Publisher Rule Not Working
Hi,I've got an Applocker publisher rule for JDK 1.6.0_45 on a 2012 R2 server. The dll's and exe's are signed by "Sun Microsystems, Inc." but despite the publisher rule, they are still being blocked....
View ArticleEnabling AES 256 GCM on Windows Server 2012 R2
I'd like to enable the use of the AES 256 GCM encryption instead of the AES 256 CBC. We already have ECC certificates based on ECDSA so that pre-requisite has been fullfilled. The certificate has a...
View ArticleThe use only smart cards for several hundred users
How can Iassignsoon as possible,useonly thesmart cardfor a few hundredusers?I also have a group ofpeople whowould like toallow the use ofa login andpassword, andsmart card.UsingGPOto the computer, will...
View ArticleAD CS 2012 R2 Disaster Recovery
Hi.I have a scenario where we're looking to deploy a standalone root CA with Enterprise Sub CA. We will also be using cross forest certification. However, we're looking at deploying a second Sub CA at...
View ArticleCertification authority objetcs for delegate user
hi i am looking grant delegate permissions for service user account on our AD , the permissions needed for user account who have to be only for the certification authority objetcs therefore your help...
View ArticleSHA1 or SHA256 and 2048 or 4096 when setting up a new Root and Sub CA
HelloCan someone please help me with the following question :)I understand from the cryptographic community no longer considers SHA1 secure, and recommend at last SHA256That being the case when setting...
View ArticleClik here to view.
PKI CA CLUSTER CRL PUBLICATION FAILURE
After configuring PKI cluster , I am not able to publish CRL, i am seeing the error below when i try to publish CRLEvent log errorEvent ID 74 Active Directory Certificate Services could not publish a...
View ArticleWin2k8R2 SP1 installer slipstream with post SP1 patches
I'm looking to slipstream a Windows Server 2008 R2 SP1 installer with all available post-patches released by Microsoft, so I can then deploy that installer package across a number of servers that do...
View ArticleWhy are Symmetric keys shorter than ASyemmetric keys and provide the same...
Hello Can someone please help me with the following question.Can someone please give me a brief (if possible) why Symmetric Keys which are much shorter than Asymmetric keys provide a similar level of...
View ArticlePPTP VPN
Hi, we are a group of networking students working on a VPN project. This question maybe rather simple but we have not been taught how to do any of what is required in this project.our network is...
View ArticleHow to exclude a user /group from auditing
Hi,I am enabling auditing on windows file system by enabling SACL on the file folder to everyone.It logs events for every user in the security log.Is there any way to exclude a user /group from auditing.
View Articleaudit of success or failure certification services
hello i have a scenario that i'm using a adcs server and i cannot see any audit of success or failure i wish to get some more information about how to exposing an events on my server for certification...
View ArticleClik here to view.
Certificate request not working with web server v2 template on windows 2012 R2
I have tried to generate a certificate request on my domain joined Windows 2012 R2. I have tried both online and offline requests. I am using the web server v2 template.Both Method fails with error...
View ArticleWeb Application Proxy received a request with a non-valid access cookie...
hi my enviroment includes adfs server and web application proxy server that configured and connect perfectly and in the recent days my web application proxy on my application event log report for id:...
View ArticleEnterprise CA option not enabled in Windows 2008 R2
I am making new installs of Win2008 R2 for Domain Controller and for separate CA. On the CA-Computer I cannot get "Enterprise CA" option during Install. Greyed out. I have seen the error in...
View ArticleInstall Enterprise CA option is greyed out
I'm having issues with the "enterprise CA" option being grayed out during installation of the ADCS role for a 2008 R1 Enterprise Edition server (for a new Ent. Sub. CA). The account I was using had...
View ArticleCertificate and Event Error Queries
Hi,Please bear with me as I am inexperienced when it comes to CA and DC's. I have been going through the Event Viewer on our only DC (Server 2003) and it keeps kicking out a few errors. I'm not aware...
View ArticleCertificate and Event Error Queries
Hi,Please bear with me as I am inexperienced when it comes to CA and DC's. I have been going through the Event Viewer on our only DC (Server 2003) and it keeps kicking out a few errors. I'm not aware...
View ArticleDNS secure dynamic updates disable
hi everyone i clone new dc in our org and we do not want the DNS service will automatically update thee records i looking for conigure to disable it thank you || bill watson 3rd
View Article