User repeatedly gets locked out
Hello,I hope I am typing this in the right forum. I am in need of some help. A user recently received an iPad and has the company mail setup on her device. I didn't set her device up, so I may not...
View ArticleWindows 2003 Enterprise CA Migration to Server 2012 CA - Adding GoDaddy...
We're planning to migrate our Windows 2003 Enterprise CA to Server 2012 AD CS. Our office is considering buying a trusted root cert from GoDaddy. How should this factor in our migration to Server 2012...
View ArticlePossible to get Win8 Metro applications to work through Windows...
I have posted this a few times and see no answers. We use outbound Microsoft firewall for security reason. We like controlling which apps on the computers can communicate out to the internet. I will...
View ArticleDoes Domain Logon prodecure involve LDAP protocol?
Hi,When a domain member logon, only kerberos protocol is in use to authenticate the user, and the "Server" service is used to deploy GPOs.So does the logon procedure involves LDAP protocol? I even...
View Articleattach picture and file distorted
I have Windows server 2008 and domain base network. My network is working perfectly except one thing.When ever some body send me e-mail attached with picture or pdf file it appear distorted or patchy....
View ArticleWMI and Setting ACL
Hello,I need to know if WMI can Set ACL to Folders on remote server for the local groupe of this server? I need your Help.
View ArticleCan you still use local accounts when a machine become a domain controller?
Hi,I have a windows 2008 machine, If I make it a domain controller on it, would the local accounts still work?Especially the administrator account.
View ArticleCertificate authority decomission
2 things, I need to decommission a enterprise root CA. I have the kb for this already so don't think I need help there.However, Looking at the issued certificates there are only 4 still that haven't...
View ArticleS/MIME Autoenrollment and Automatic Outlook Configurations
Hello,I hope this is the right forum for posting this message.I just finished deployin in my organization an AD CS (Active Directory Certificate Services) in order to create S/MIME certificate for all...
View ArticleLocking down IIS APPPOOL account locks out local administrators except for...
In a nutshell,we have been locking down the IIS APPPOOL account used by an Internet facing web application. The IISAPPPOOL account by default belongs to a number of mandatory groups when the security...
View ArticleWhen submitting a Cert request only 1 subject alternative name returned in...
I need to create a cert for a computer and I need to supply a number of subject alternative name values but when I complete the cert enrollment request and supply the different subject alternative name...
View ArticleCertutil -repairstore Access Denied - Windows Server 2008 R2
I am trying to recover a lost private key for a certificate on a 2008 R2 box (web server cert, issued by Thawte) and when I run:>certutil -repairstore my "cert serial #"I get:>No key provider...
View ArticleConfigure NPS to authinticate with certificate windows 2012 server
Hello , I have imploemented wireless access points on windows 2012 NPS that already domain controller in my environment and seems to be working fine with microsoft eap (peap) authintication method ,...
View Article401 - Unauthorized: Access is denied due to invalid credentials
After installing MSCEP, enter http://Server2008/certsrv/mscep_admin in the browser.Enter correct user name and password in pop-up box. Windows 2008 keeps rejecting the correct user name and password....
View ArticlePKI migration from 2003 to greenfield 2008 R2 plan-of-approach
Hi,I've done a lot of reading here already but I'm on a dead end. Here's my scenario:I have 1 Stand-alone root CA plus 2 Enterprise issuing CA's, all running Windows Server 2003. I'm trying to move all...
View ArticleClient Certificate Mapping authentication using Active Directory across...
Hi,We currently have a setup where the on-premises environment and the cloud environment are based on two separate forests linked by a 1-way trust, i.e., the exist in the on-premises AD and the 1-way...
View ArticleChanging the IP of ADCS Servers
Hi We have 1 RCA , 2 ICA Servers...in win 2k8R2....We have a plan to change the IP's of our ADCS Servers ...what will be the impact. what is the impact of Changing the IP's of ADCS Servers.Thanks SUBBU.T
View ArticleRe-issuing new certs to all users transparently if there is a risk certs been...
To avoid service disruption what is best method to get new certs auto enrolled to all workstations and computers ? want a method ideally without revoking the old certificates first until new certs...
View ArticleReport on soon to be expired certificates
does anybody know any trick on getting the report on soon to be expired certificates on Windows 2008 CA.
View Articlevpn ias login attempts randomly fail
we have a Palo Alto networks PA-2020 firewall that has a ssl vpn global protect feature that we use. We have been noticing that at random times when people try and logon remotely using the global...
View Article