Coexisting certificate PKI
hello,i inherited a two tier PKI. One standalone root-CA-Server and one AD-CA-Server. Both Server are running W2K3Unfortunately the root-CA was created with CRL settings, so it is not possible to leave...
View ArticleStruggling with Certs
I have been in a rabbit hole for a few days now confused and frustrated. Here is the breakdown.I have a Windows Server 2008 R2 Enterprise machine running AD CS and IIS.I have a Windows Server 2008 R2...
View ArticleGiving permission to a user to a certificate located in the local machine...
Hello, I want to give to the user "Network Service" access to a certificate installed in the LOCAL_MACHINE\Root, but I am having troubles with this. When I do: winhttpcertcfg -i C:\cert.pfx -c...
View ArticleHow to issue a Domain Controller Cert with a W2K8 Standard CA
Hello,I have Windows 2008 64 Bit Standard Domain ControllersOur CA is a member server running Windows 2008 64 Bit StandardI understand that I cannot use Certificate templates with this non Enterprise...
View ArticleSSL Certificate Issues in Windows Server 2003
I have a 2003 R2 SP2 Standard server. I have a certificate issued by a trusted CA. The certificate opens and displays the "The integrity of this certificate cannot be guaranteed. The certificate may be...
View ArticleUsing certificate OID's to authenticate WiFi users.
Hello All,I am trying to sort out some issues with certificate OID's in our PKI environment. The background is we are in production with our wifi using EAP-TLS. Everything is working great and has been...
View ArticleIs there any way to issue a certificate to UNIX machine for trust? or how to...
Is there any way to issue a certificate to UNIX machine for trust? or how to setup a trust between Unix machine and windows machine?
View ArticlePKI Certificate Overwritten?
Hi there.I am a PKI admin at my organization. A server engineer recently alerted me to an odd situation with a few web server certificates that he had requested last November. The certs were issued...
View ArticleHow do you renew certificates issued by Standalone CA
CA Server is Windows Server 2008 in Standalone mode, clients are both Windows XP and Windows Vista.How do you renew expiring certificates when your CA is a standalone CA. Any attempts in the MMC...
View ArticleRenewing a Root CA and generating new keys
Hi,According to http://technet.microsoft.com/en-us/library/cc740209%28v=ws.10%29.aspx"When you generate a new key pair for a CA that is being renewed, a new certificate revocation list (CRL)...
View ArticleWindows Server 2012 --- Bitlocker --- Network Unlock
Hi,This network unlock sounds a good idea. I have heard this is for windows 8 and was asking if their is any plans to roll this out on Windows 7 ?RegardsRyan
View ArticleClik here to view.
You have not chosen to trust the issuer of the server's security certificate
Hi, I have an issue whereby any certificates that I issue report "You have not chosen to trust the issuer of the server's security certificate". The certificate chain is show as ok and if I validate...
View ArticleWindown 8 VPN Error 798: A certificate could not be found
We've been using certificate based VPN authentication with Windows 7 for a while without any problems.Now, as a part of testing for Windows 8 upgrade we've discovered that Windows 8 fails to establish...
View ArticleCertificate mismatch. How to avoid using the certificate from the domain...
Problem Overview:When I attempted to connect to a virtual desktop (VD) using Window’s Remote Desktop (RD) Connection application from an external network, I encountered a certificate subject mismatch...
View ArticleWin2012 Ndes Service SPN breaks PS Remoting.
I've encountered an issue while setting up an Enterprise CA w/NDES on a Windows 2012 DC (all roles deployed on a single system).Before configuring NDES, I've run "Enable-PSRemoting" on an Admin PS...
View Articleno internet Locally, But when Connected to AD it will granted to internet....
Hello Everyone, I want a solution to my problem. i'm a newbie with microsft server, currently running windows server 2008 enterprise edition. i want to deploy server which would contain AD,DNS, and...
View ArticleAudit file opening in share the easy way or 3rd party app
Hello,A client with an SBS 2008 asked as to audit a shared area of the server for file openings (read attr). He needs to have reports of when the files are opened and by whom, and since he is not an IT...
View ArticleClik here to view.
How can I enumerate possible CategoryIDs, SubCategoryIDs, and Changes in...
When we look at the XML representation of an AuditPolicyChange event, we see some values like%%8278 or %%13827 or %%8448 in Category, SubCategory, and Changes fields respectively (See the...
View ArticleTime to time change Domain administrator password
My domain recently time to time change Domain administrator passwordI’m using windows 2008 r2 stranded editor 64 bit server. I checked my Event viewer but not any special event. I’m using Symantec...
View ArticleCertificate Services - Automatic Enrollment and Pooled/Stateless Desktops
I've recently implemented a PKI in a new domain where some of the desktops are stateless. Part of the PKI configuration is to enable auto enrollment for all computers in the domain. This is working...
View Article