Apache TomCat fails to start with Certificate Issued from a Microsoft CA
Hi All, I have an issue at the moment involving Apache and a certificate issued from a Microsoft Internal CA. We have a new application that has a requirement for SSL and is Apache based. I have...
View ArticleGenerating a Certificate for Apache using a Microsoft CA
Hi Everyone, I have a question regarding generating a certificate to be used by an Apache Web Service, with the certificate being generating by a Microsoft CA. The Apache Web Service is part of a new...
View ArticleServer 2012 Enterprise Root CA in a cluster?
I am wondering if it supported to install an Enterprise Root CA as a clustered service in Server 2012. All the documentation I can find only deals with Subordinate Authorities, not the Root CA.Plus,...
View ArticlePossible to "reissue" RootCA certificate to change a few settings in...
Too late in the long process of creating an offline Standalone RootCA, the internal (to our network) Online Enterprise Issuing CAs and the External Online Standalone (ie, not a member of our domain)...
View ArticleAudit Failure, Event ID 4769, Failure code: 0x20
Hi Everybody,Since we enabled failure audit logging on the domain controller, we've had a lot of the following failures...
View ArticleWhen apply CA certs, Ubuntu(Lucid) can not join 802.1x wired network
so strange problems, our networking environment is: W2K3 AD+W2K3 IAS(RADIUS+802.1X PEAP CHAPv2+CA), the 802.1x security policy is PEAP+MSCHAPV2+root CA cert+AD account and password;our Windows domain...
View ArticleRequest certificate for virtual smart card from third party CA
Hi!I would like to use third party CA certificate with virtual smart card. How can I make offline request for this type of certificate?Thanks!,UV
View ArticleAccount Lockout Policy & Monitoring
Hi,There is a customer who is requesting to disable the Account Lockout Policy on GPO based on the situation.There are around 1000 users and 20% are mobile users who are always roaming around and using...
View ArticleSmart card offline windows logon fail for Windows 7 and Windows Server 2008 R2
I have developed a (unsigned) smart card minidriver for Windows logon. It works for Vista, Windows Server 2008 R2, win7 when the PC is in the domain. When the PC is offline, the smart card logon works...
View ArticleIP-Sec Windows XP
Hello, I'm having a problem while i try to apply IPSec with Windows XP, the Request option works perfectly but not the Required option. Is this a known problem with XP Systems? Is there any option to...
View ArticleHow to obtain Kerberos through KCD but without Group SIDs
Hello,In my infrastructure I'm stuck with the size of Kerberos ticket due to a large number of Group Memberships.I'm trying to find a way to obtain a Kerberos ticket through KCD :with only the...
View ArticleBad Signing on Array Controller was shown when reboot OCSP service
Hi Expertsset up 3 CAs(not MS CA) , key pairs are generated on HSM.followed instruction ,http://www.forum.persianadmins.ir/showthread.php?t=12375The issue is not happened 100% but when reboot OCSP...
View ArticleSID lookup for S-1-18-1 (AUTHENTICATION_AUTHORITY_ASSERTED_IDENTITY) fails on...
I understand Windows 2008 R2 does not support the new SID S-1-18-1, but I have an issue where Symantec Mail Security 7.0 console searches all group memberships for the logged on user, when launching,...
View Articledelegating control of services
I wish to permit my helpdesk to restart services. I do not wish for them to become administrators of the server.How can I grant them this ability on a specific server or throughout the domainthanxdavid
View ArticleCan't establish IKEv2 VPN connection - "Error 13819: Invalid certificate type"
I'm trying to make a VPN connection to a Windows Server 2012 Essentials server. I can successfully connect using SSTP, but I want to use IKEv2 to improve performance. However, when I try to connect, I...
View ArticleCode signing certificates
Hi all,We want to create a code signing certificate for use by the coders in our IT department. The code will only be used in-house. It is actually for PowerShell tasks like logon scripts etc...I have...
View ArticleInternet Explorer 9 not showing as not installed when using Windows Update -...
I built a few new Windows Server 2008 R2 with SP1 VMs today and ran into a problem where Windows Update is not detecting the fact that Internet Explorer 9 is already installed. Internet Explorer 9...
View ArticleCertificate Web Enrollment Policy Service, Access was denied by the remote...
This question was asked based on Windows 7 and Server 2008 R2... per link belowhttp://social.technet.microsoft.com/Forums/en-IE/winserversecurity/thread/809459c7-e090-48d2-bdff-ab42b3ba8270I figured in...
View ArticleEventVWR
I just had a 'phone call from someone asking me to run this on my computer but it didn't feel right so I politely rang off - should I be running this command or ignore it?WHY would someone be calling...
View ArticleNT SERVICE\ALL SERVICES?!?!
On a fresh install of 2008 R2 I have "NT SERVICE\ALL SERVICES" listed in gpedit.msc for "Log on as a service". Where can I get more information about this account/group?
View Article