Active Directory Cert Services Will Not Start
I am unable to renew certs in my domain. My CA ADCS will not start, error from event log "Active Directory Certificate Services did not start: Could not load or verify the current CA certificate....
View ArticleIs there a way to see expiring computer certificate using event viewer?
Hi Experts,Not sure if this is possible but is there a way we can get a warning from the event viewer if ever a computer certificate will expire on the server so we could renew them before they expire?...
View ArticleError Starting Certificate Authority after upgrading in place from Server...
Hope this is the place to seek help with Active Directory Certificate Services. We recently upgraded in place an issuing CA in our lab from 2003 to 2008 and the upgrade of the OS was successful but...
View ArticleRADIUS on 2K8 R2 DC, but NPS is already on a terminal server
I have read the question of installing a RADIUS server on a DC this is what I want to do. However, there is a terminal server on the network that uses NPS for a dedicated set of users using business...
View ArticleCertificate Services - Do you still need a CAPOLICY.INF file?
We are building a two tier 2012 R2 PKI with an offline stand alone Root CA and an online issuing CA. Do we need to create a CAPolicy.inf file on the Root CA?It is my understanding that one of the...
View ArticleAllow users to select new root certification authorities (CAs) to trust -...
This setting and two others impossible to remove live under:Computer Configuration / Policies / Windows Settings / Security Settings / Public Key Policies/Trusted Root Certification...
View Articlesyntax for certificate additional attribute Basic Constraints
Ho to request a certificate from https://<servername>/certsrv with (http://technet.microsoft.com/library/hh831649.aspx) : X509v3 Basic Constraints: CA:TRUEIs it through...
View ArticleRe: Windows Server 2003 Enterprise vs Windows Server 2008 Enterprise option...
Overview: All our PCs are Windows 7 and all our servers are Windows Server 2008 R2 and we have Windows Server 2003 Domains.I would like to use X.509 v3 templates (since our environment can handle it)...
View ArticleCertutil returns 0x8007007e (WIN32/HTTP: 126 ERROR_MOD_NOT_FOUND)
Having weird problem on one issuing ca, when I run certutil on that server, it everytime returns 0x8007007e (WIN32/HTTP: 126 ERROR_MOD_NOT_FOUND): certadm.dll and same for certenroll.dllAny ideas...
View ArticleNo Templates Found in Web Enrollment
Hi All,I have installed an Offline Standalone Root CA with Enterprise SubCA. I got success in publishing the CDP and AIA files manually but when I am trying to issue certificates through Web Enrollment...
View ArticleSome logon events are not registered in the Domain Controller under event ID...
Logon events for some users cant be seen while logon for few users can be seen using event ID 4768. Just wondering where these events are going yet account logon success and failure has been enabled in...
View ArticleChange distinguished name on standalone root CA.
Hi! During installation of standalone root ca I made a mistake in distinguished name of root CA. How can I correct distinguished name and recreate Root CA certificate? I don't want to reinstall...
View Articlenet user and random passwords
When using net user <username> /random with default settings everything works fine.The moment /minpwlen is set to anything higher than 8 (with or without complexity requirements enabled and...
View ArticleSelf-Signed Certificate Generation
I want to create a Self-Signed Certificate for ADFS 2012 R2 with the name adfs.domain.com. I know the procedure through IIS, but it creates a certificate with a Friendly Name of adfs.domain.com, but...
View ArticleA couple of quetions about Microsoft OCSP
HelloI have been doing a little reading on the above and have a couple of questions please :)I see Microsoft OCSP has one Revocation Provider e.g. CRL, thereby it retrieves information about the...
View ArticleCross Domain Authentication - via Trust, What DC do I authenticate to.
Hello All:I am trying to get some clarification on what domain controller I authenticate to via a 2 way transitive site. Our setup is pretty basic. 2 domains in one forest, 2 way transitive trust,...
View ArticleClik here to view.
Add Custom Attributes or OID in Subject Field
Good Morning I need generate a certificate with PKI infraestructure that it has aditional attributes in its subject field like the next image I notice that this certificate has OID attributes in its...
View ArticleValidate Server Certificate - Connect to These Servers
Configuring WiFi setting on windows 7 clients with WPA2 and Certificate authenticationunder "smartcard and other certificate properties"i have selected "validate server certificate" but this only works...
View Articleediting inf security template file
hi friendsi need to import a security template to change only options which exist in password policy node of local group policy in an standalone workstation. i don't want other security settings be...
View Articlenecessary help please
Dear whom read my messageI am server administrator with windows server 2012 standard edition , I have four server (Primary domain controller /Additional domain controller with two nodes for failover...
View Article