Clik here to view.
Windows Update Agent Version 7.6.7600.256 - installed automatically
On a Windows 2008 and a Windows 2008 R2 server, I see that an update was installed automatically even though my preferences for Windows updates (on servers) are: "Check for updates but let me decide...
View ArticleWindows Advanced Firewall outbound authentication breaks rule
I'm trying to establish a set of Windows Advanced Firewall rules (client side and server side) that will restrict SMB and RDP access using IPSec. I can't get the outbound client authentication to my...
View ArticleFirewalling by interface
I am trying to set up my server's FW on a machine with 3 interfaces. It is acting as a NAT/Gateway/Domain Controller/Hyper-V host and general mad-scientist's playhouse.1. wireless interface - connects...
View ArticleClik here to view.
Backup up a CA templates list
We're preparing to migrate our Windows 2003 Enterprise CA to Server 2012 AD CS. We backed up our CA templates list using the commandcertutil.exe -catemplates > catemplates.txtIt generated a list...
View ArticleDomain GPO editor
how can I do that each users will be local admin of computers at domain, but they will have no permission to access logon to servers (exp. 192.168.111.1-192.168.111.30) ?
View ArticleCA for digital siganture help!
Hi all,We use InfoPath 2010 to design form and require digital signatures. I set Certificate services as this...
View ArticleWhen I try to connect LDAP server with Directory certificate installed in...
10.0.0.2Accepting Directory Server certificate for /CN=qtp-ldap.oaqtp.com signed by /DC=com/DC=oaqtp/CN=qtp-ldap Skipping certificate 1 (/CN=qtp-ldap.oaqtp.com): subject issuer mismatch Certificate...
View ArticleLocking down IIS APPPOOL account locks out local administrators except for...
In a nutshell,we have been locking down the IIS APPPOOL account used by an Internet facing web application. The IISAPPPOOL account by default belongs to a number of mandatory groups when the security...
View ArticleExecute a Powershell script when the user certificate changes
Hi, I have a Powershell script that make use of user certificates in a particular user's certificate store. Whenever there is a change to the current certificate, I need to automatically run this...
View ArticleClik here to view.
How to hide internal domain name
Hi everyone! I’m not really expert in DNS so it’s why I’m asking you this question.I explained you what is my goal:All the routing is good, NAT is working fine. What I try to accomplish in big words is...
View ArticleKerberos authentication failure 0x1b
Dear All I have been researching about the below mentioned error message for awhile now. I have increased the audit report level and noticed this kind of errors. My searching revealed, that the failure...
View ArticleWhen submitting a Cert request only 1 subject alternative name returned in...
I need to create a cert for a computer and I need to supply a number of subject alternative name values but when I complete the cert enrollment request and supply the different subject alternative name...
View Article"The endpoint address URL is invalid" error 0x803d0020 when enrolling CES...
I set up CEP and CES-Kerberos on Windows server 2012 (CA installed on the same server).Changed host part of URI on https://domain.internal/xxxCA_CES_Kerberos/service.svc/CES...
View ArticleWindows 2003 Enterprise CA Migration to Server 2012 CA - Adding GoDaddy...
We're planning to migrate our Windows 2003 Enterprise CA to Server 2012 AD CS. Our office is considering buying a trusted root cert from GoDaddy. How should this factor in our migration to Server 2012...
View Articlevpn ias login attempts randomly fail
we have a Palo Alto networks PA-2020 firewall that has a ssl vpn global protect feature that we use. We have been noticing that at random times when people try and logon remotely using the global...
View ArticleMicrosoft Trusted Root Certificate Authorities Has More Than 200 Entries
I've been trying to find a "good" answer to how to deal with this issue and I really can't find some solid advice. Recently the Microsoft Trusted Root Certificate Updates have exceeded the...
View ArticleOutbound Firewall Rule with authentication does not work
Hi there,we're testing with IPSec and are running into an issue we can't seem to narrow down.Currently there's a GPO denying all inbound and outbound traffic. It also has rules to allow basic AD...
View ArticleServer 2008 R2. Has increased persistently Security Access Token handle.
Hi, o/ s: Server 2008 R2sp1Has increased persistently Security Access Token handle.I resolved to create a new account.What is the cause?I have created a MFC-based program.I tried to check the process...
View ArticleWhy TotalSessions is 3 when I have only two users logined?
Hi,I'm using the following scripts to count how many users logged on through TermService, but I got a "3", that's weird, as I only have one user logged on locally, and another through terminal service,...
View ArticleClik here to view.
Can I define "Predefined set of computers" by myself in Windows Firewall?
OS: Windows Server 2008 R2I want to know if I'm able to define "Predefined set of computers" by myself in Windows Firewall.
View Article