Upgrading Certificate Authorities from 2003 SP2 to 2012 R2
We currently have one offline standalone root certificate authority and one enterprise issuing certificate authoritythat are both running Windows Server 2003 Enterprise Edition Service Pack 2. Our...
View ArticleOCSP across domains - signing questions
hi all, another question for you2-tier PKI hierarchy with an offline root and 2 subordinate Enterprise CA's in different domains (also different forests, lets call them domain1 and domain2).We have an...
View ArticleMultiple Windows 2012 R2 subordinate issuing CAs, how do I make one preferred...
Hello,A while back I posted a question on another discussion thread regarding re-issuing new root CA with FQDN -...
View ArticleWindows Server Ent 2008 R2 ( Active Directory )
Hi All,We have Windows Server Ent 2008 R2 ADDS in our environment. Internal Auditing is going on in our IT department. The Auditor has performed the penetration test by using some tools and tried to...
View Article"CDCSERVER"
My domain controller logs show a server named CDCSERVER trying to login every account in our AD and locking every account out. We do not have a server named CSCSERVER and it is just constant. We have...
View Article"Strong private key protection" problem with Terminal Server Windows 2012....
Hello,I am having problems with "strong private key protection" in combination with Windows 2012 R2 RDP sessions.For 3 TS users I have installed 3 different personal SSL certificates in the personal...
View Articleremote desktop services with double authentications prompt
hello there i am looking for a guide to hardening my web server's remote desktop services with double authentications prompt i knows that it possible to configure i will appriciate help with it thank...
View Articlekerberos authentication on my web app environment
hi support and helpdesk mans i start work with kerberos authentication on my web app environment and i configured my iis (user account) to work with & everytime when i try to surf to web from...
View ArticlePublish certificate in AD
I have a problemwith publishing, certificatesinAD.I have atemplateon whichoption is selected"Publish this certificatein theactive directory".Based on thistemplate,certificates are issuedsmartcard...
View ArticleUnusual login problems for some profiles - virus like but nothing detected
About 1.5 months ago, we had two computers that would throw up a slew of executables upon login, and there was no way to stop them, but once they finished running in 20-30 seconds, the user would be...
View ArticleECC algorithm support with brainpoolP256r1 curve in ACDS 2012 R2?
Is there support forECC curve brainpoolP256r1 in ADCS 2012 R2 or in any other version of Microsoft Certificate Services?If it‘s not supported by default CNG algorithms (suite B) in Windows, then: is it...
View ArticleEnabling AES 256 GCM on Windows Server 2012 R2
I'd like to enable the use of the AES 256 GCM encryption instead of the AES 256 CBC. We already have ECC certificates based on ECDSA so that pre-requisite has been fullfilled. The certificate has a...
View ArticleCan we get certificate template list from CA server?
Hi,I have CA server set up in windows server 2008 R2. I have a client code in C# which created CSR sends to the server and downloads the issued certificate from server. I want to know can retrieve list...
View ArticleKDC identifying both with client authentication
hi everybody i am using a client authentication certificate template's , and i also want to use a KDC identifying both with client authentication looking for this configure specified thank you Marv...
View Articlerestric manager certificate and grant authority
helloa first thing i got request from of our managers basically we manages the Certificate Root server, we have 3-4 domains with same architecture, and we want to get control of who can manage...
View ArticleCRL and delta CRL generation schedule not fixed (CS 2008 R2 and CS 2003 R2)
CRL and delta CRL is generated daily at the same time in test environment (sometimes offset may be about 1 minute).Delta CRL generation statistics (effective date) in production environment :...
View ArticleI have KB2677070 and KB2813430 installed on Win Server 2008 R2 x64 SP1 (Std....
I'm working with Windows Server 2008 R2 x64 Std. Edition, w/SP1, fully patched, in a security environment.We run a security scanner (required by customer) to look for vulnerabilities on our systems....
View ArticleError loading default templates on new Enterprise Root CA
Good day! Deploy the new (first) Enterprise Root CA in our domain was completed successfully, but whit a warning - unable to upload the default certificate templates. Wizard advised to check the rights...
View ArticleNo Certificate Templates Could Be Found
Hi,We have just finished setting up a Subordinate Issuing CA (Windows 2008 R2).If I open the MMC\Certificates snap-in on another server, and request a new certificate, I see the available templates,...
View ArticleSUB CA Migration
Hi All,We are planning for SUB CA migration from Windows 2003 to Windows 2008. I will be following the below mentioned articlehttp://technet.microsoft.com/en-us/library/ee126170(WS.10).aspxThe Overall...
View Article