understanding BitLocker without TPM and a passphrase
I just enabled bitlocker on a laptop I have without TPM on Windows 8.1 Enterprise. I used the USB to store the key and entered a passphrase as well. When the laptop starts, all what I need to do is...
View Articlerename builtin administrator account
Hi all I want to Rename the Builtin administrator accout via Goup Policy Management Editor just for security reasons, so I just want to check the implications it might cause to the running environment...
View ArticleProblem publish crl to active directory for root offline ca
Hello ! Sorry for my bad english (i am french) A question on publish crl in AD ... I publish the crl of an offline ca root with : certutil -dspublish -f mycrlfile.crl srvcaroot (where srvcaroot is my...
View ArticleIs it appropriate to apply the hardening settings for Windows 2008 R2 server...
We would like to adopt the hardening recommendation for Windows 2008 R2 from CIS to all our DC servers. However, but then we found some of our DC in remote sites are Windows 2008 server only.Is the...
View ArticleCACert revocation server offline
I'm using CACert for certificate verification and in Outlook none of the client certificates can be verified as the server is offline. The root is in Trusted for both HCCE_LOCAL_MACHINE and...
View ArticleRe-enrollment issue
We are upgrading the clients to Windows 8.1 with SCCM 2012 and are experience a strange issue with users and computers certificates, the clients both consist of laptops, desktops and hybrids (Lenovo...
View ArticleADFS 2.0: Can the outgoing claim be set to lowercase?
So I have a relying part trust set up to an external vendor's system. However they require all incoming claims to be in lowercase to authorize. Kind of strange, I know...Anyway, is there a way to make...
View ArticleIs it okay/safe to remove the Administrator account from Domain Users group??
We have a new Windows Server 2012 R2 set of servers.The administrator account is in the domain admins group, it's called site-admin, it's also in the Administrators group.The site-admin user is also a...
View ArticleMicrsofot OCSP Query
Hi,Is it possible to implement single OCSP server (satandalone/ Enterprise) for two forests (provided the forests are not trusted).If so, can you please provide us the guidelines.Thanks
View ArticleDoes CurrentUser\My get synced when using Roaming Profiles?
HelloCan someone please help me with the following questioncan you please tell me if you have any cryptographic keys (which are stored in the registry at the end of the day, I believe) located under...
View ArticleOCSP 404 error - failing in pkiview
Hi all, sorry for asking another question so quickly after the last but I am stuck on an OCSP issue now.2 tier PKI, 2008 R2 Root CA and 2012 R2 Enterprise Subordinate.When launching pkiview everything...
View ArticlePublishing CRL and CRT files automatically to a web server
Hi, when you configure the Extensions on an Enterprise CA and specify a URL to a web server for the CRL and CRT files - How does one schedule this to happened for example, every week? or do I need to...
View ArticleFile Server Access Under Active directory
hello all;I have active directory server and file server user that AD domain , I shared one folder in File Server as "E:\File Server" under this directory every group have one folder and under these...
View ArticleUAC Credential UI not enumerating smart cards
Running in a Server 2008 environment (not R2) and suddenly started having an issue where our smart card accounts aren't enumerating in UAC when doing a Run as Administrator. UAC is configured to...
View ArticleCertificate choices for Exchange 2013, ADFS and WAP
This question has now been 'moved' to the Exchange 2013 forum.Can you please help me with certificate choices?We currently have an Exchange 2013 server publishing OWA, EAS, etc. externally with ISA...
View ArticleTwo vaild certs listed in "Trusted Root Authorities" after renewing root CA...
Hello, We have a standalone CA that is NOT offline and is also the issuing CA as well as the website for submitting certificate requests. Our CA is on a Windows 2008 member server in a Windows 2008...
View ArticleBest practices : Location of the http CDP url and Location of the web site of...
Hello Everyone ! First sorry for my bad English (i am French)I will be very happy to have You "best Practices" on the location of the Web site who store the http\CDP urlOf course my requierments here...
View ArticleSMB2 Server Denial of Service
Hi,My firewall has detected the "SMB2 Server Denial of Service" on one of our domain controller servers based on windows server 2008R2. Is there any workaround or updates/patches that could help me...
View ArticleWebsite Hacked, Help!!
Dears,I have a website hosted in windows server 2008 with firewall and plesk cp. The website hacked by replacing its aspx files with same file names but with just html content that have ads.Every time...
View Articleprevent delete own files and folder in a shared folder
there are many application require deleting rights. for example, MS Word, when you edit a file, you never actually edit the source file - word creates some tmp copy and saves all the changes to the...
View Article