AD CS Backup error
Getting error when attempting to back up AD CS on Server 2008 Ent. I have seen other questions where the answer was to restore from backup. There is an old backup available but the cert has expired...
View ArticleSecurity Settings
our small company we want to restrict social networking sites for few users only ,how can we do this on windows sever 2008 r2Can any one suggest us the procedure for restricting social networking...
View ArticlePKI Training and Resources
Any recommendations on advanced PKI Training? I've taken the "Designing and Managing a Microsoft Windows Public Key Infrastructure" course however it doesn't go into great detail on the many...
View Articleediting inf security template file
hi friendsi need to import a security template to change only options which exist in password policy node of local group policy in an standalone workstation. i don't want other security settings be...
View Articlealternative domain name on one DC
Hi,on a dns server, I create a domain with name "lab.local", then I add new domain "domain1" in this zone, it's URL is "domain1.lab.local".but when I configure a PC named "PC1" to join the domain...
View ArticleCross Domain Authentication - via Trust, What DC do I authenticate to.
Hello All:I am trying to get some clarification on what domain controller I authenticate to via a 2 way transitive site. Our setup is pretty basic. 2 domains in one forest, 2 way transitive trust,...
View ArticleCertificate Authority
My situation is this: I have SCCM 2012 R2 and we want to enable Internet Based Management.My company does not have an existing PKI infra but we do have a CA for things like Lync and Exchange 2010. The...
View ArticleAD CS 2012 - existing two tier with offline Root CA - how to change CSP
Hi,Upon configuring Cisco ASA for certificate authentication, I find out it does not support certificates using the RSA#Microsoft Software Key Storage Provider from Windows 2012 CS; therefore I can not...
View ArticleCertificate Authority Windows 2008 to 2012 R2 - Clean up and Migration
Hello, I'm currently dealing with the following scenario:1. I've inherited the current infrastructure setup and the plan is to clean things up and setup a new certificate infrastructure using...
View ArticleRead files from Temporary Internet Files folder?
How can we give permissions to user on temporary internet files, so that user can read files from Temporary internet files folder in Windows server 2008 R2?2nd Question: Temporary internet files folder...
View Articlecertutil to add pfx to trusted publisher
Hi,I got pfx file and wanted to add the file to the trusted publisher store using the certutil command.I noticed that certutil doesnt take store name option for the pfx file.could you pelase let me...
View Articlecertificate revocation check failed exchange 2013
i am getting bugs on my environment,all my users who right now connected to exchange server 2013,they getting the lo gin prompt every time when they trying to open office outlook 2013Abp
View ArticleNon domain-joined Clients (CES/CEP)
Hello Everyone!This is my first post to the security forum and it is not an overly familiar tech for me so please be gentle. :)I am looking at building a lab to test a web based application for a...
View ArticleOCSP missing in IIS 8.5
Hi Guys,I am building a new CA infrastructure, on 2012 R2, but I'm having a little trouble configuring my OCSP server.The server has IIS installed already, and is hosting the CDPs, I insatlled the...
View ArticleEventID: 4624 - Logon Type 2 missing
Hi,Windows 2008 R2 DFL and FFLCurrently when I look under the Security logs on the DCs there are no Logon Type 2 or 10 logged. Below is the audit policy. How can I get Type 2 and 10 to be logged on...
View ArticleChecking caller machine ip that cause accounts in my AD to get locked
Hi all,Recently there was an incident at my end where multiple AD accounts got locked within a very short period of time. Upon doing checks on the AD server under security logs, i can see the event id...
View ArticleAllow multiple users access to local encrypted files but prevent Admin's from...
We have an scenario where we need multiple users to store and access files locally on a RDS server, but the administrators cannot ever have access to them, nor reconfigure the system to make this so....
View ArticleWindows Server 2012 R2 Trusted Sites GPO will not work (IE11)
I created a simple trusted sites GPO and applied it to an OU with me as the only user(group) to test. After setting up the GPO, I ran GPUPDATE /FORCE on my PC, then ran the GPRESULT /R to get the...
View ArticleVirtual Smart Cards with a 3rd Party CA
Hi, I am new to this but we want to start implemeting virtual smart cards but I am having difficult finding out how to use a 3rd party CA with them. Any help would be appreciated.Thanks in advace,Liz
View ArticleCertificate Issuance Automation for non-Windows clients
Afternoon all,I've been doing quite a bit of digging but can't find a definitive answer, so I thought I'd try here.Is it possible to use AD CS to programmatically process an certificate request from a...
View Article