Clik here to view.
CA Certificate with new keys and CrossCA Signing
HiI am just looking for some guidance for renewing Issuing Certificate Authority keys... The conversation at work at the moment is that we need to "revoke" all existing issues certificates as soon as...
View Articlevpn ias login attempts randomly fail
we have a Palo Alto networks PA-2020 firewall that has a ssl vpn global protect feature that we use. We have been noticing that at random times when people try and logon remotely using the global...
View ArticleADPolicyProvider_CEP_Kerberos issue? even user certificates issue?
I don't know how to say this that this event finally showed up from renewing a user certificate but (The remote endpoint could not process the request. 0x803d000f (-2143485937) and the event...
View ArticleUser Certificate in AD CS
As I have divided this subject that I posted earlier into a two different issue and maybe it is very same thing that caused another issue or I don't know for sure. The issue that a user certificate...
View ArticleLightweight Directory Services binary data
Hi Everyone,I am trying to import a certificaterevocationlist into an LDS partition in binary format, I have been able to import the CRL but when I use ldifde to output the LDS partition contents the...
View ArticleHow to renew the root CA and increase key length to 2048 for window 2003...
How to renew the root CA and increase key length to 2048 for window 2003 standard edition?I have checked the installation of window 2003 CA server does not using CApolicy.inf. So I am not sure the...
View ArticleMigrate Root CA and remove intermediate CA
Hi forum, i signed up with a new company. A former employee installed a root CA on a W2K3R2 server and another inermediate CA on a W2K3R2 server within the same domain. As this domain is the only one...
View ArticleAudit log doesn't bother mentioning who accessed the object
Hi,I've configured our 2008 Server to audit object access. I've enabled auditing on 1 testfolder to audit the "delete" action.When I test this and delete the folder using one of our user accounts I get...
View ArticleCertGetCertificateChain() method fails revocation check
Hi, We have implemented OCSP on our gateway using CertGetCertificateChain API. However, though certutil -url verifies the certificate on the gateway correctly, the API returns the following value in...
View ArticleRemove a old issued DC Certificate from a W2K3 CA
I installed another Root-CA in the existing Forest. It is a W2K8R2 CA [enterprise].I was trying to follow the step provided by Microsoft "How to demote a W2K3 CA" and I am at step 9 - Clean up...
View ArticlePre-authentication failed User Name: User ID: Service Name:...
Pre-authentication failed: User Name: ohqnas$ User ID: %{S-1-5-21-1957994488-115176313-1801674531-10659} Service Name: krbtgt/PERMA-FIX.COM Pre-Authentication Type: 0x0 Failure Code: 0x19 Client...
View ArticleHow to install and start Bitlocker Recovery Password Viewer on Windows Server...
I have spent several hours trying to find documentation on how to set up full BitLocker recovery information on a Domain Controller in a pure W2K12 environment. There seems to be a lot of steps and...
View ArticleQuerying all users for a Security Group creation
Hello, I’m making a security group called “non-executive” so that I can make a deny policy for all users that are obviously non-executive for a folder called “ExecutiveX” as in only the CEO's can...
View ArticleDisabling the TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA cipher suite
Hi,I'm trying to figure out how to disable the TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA cipher suite on a Windows Server 2003 Enterprise Edition x64. In general, I'm trying to disable the weak ciphers, and...
View ArticleKB2813170 causes reboot loop on Server 2003 x64 servers
After installing KB2813170 (which updates the kernel) and rebooting, on one of my servers running Windows Server 2003 Enterprise Edition x64 SP2 begins to boot up, but then shows an error screen (which...
View ArticleWindows Update encountered an unknown error Code 2
Windows 2008 R2 SP1 Terminal Server with IE 8 installed. I started here and tried each one of these listed.8 results for "WindowsUpdate_00000002" "WindowsUpdate_dt000" 1. 1 Troubleshoot problems with...
View ArticleWindows 2008r2 CA
We currently are running the Enterprise CA on 2008r2 and it is issuing certs as SHA256 but the CA itself is still SHA1. Is there a way to make the CA SHA256. Our root CA was upgraded from 2003 to...
View ArticleUnable to load self-signed certificate into IE and have it like it. Loaded...
I'm trying to load a self signed certificate (in our case, from vCenter) - into Windows 2008 using the mmc/certifcates add-in or by going to https://siteURL../ in IE and installing. Neither work. I...
View ArticleCertutil -repairstore Access Denied - Windows Server 2008 R2
I am trying to recover a lost private key for a certificate on a 2008 R2 box (web server cert, issued by Thawte) and when I run:>certutil -repairstore my "cert serial #"I get:>No key provider...
View Article2008 R2 user certificate autoenrollment notre triggered with gpupdate on XP
Hi I'm trying to deploy user certificate auto enrollment with Win7 and Xp computers. I'm using a 2008 R2 intermediate enterprise CA, have created both templates and autoenrollment GPO and all is...
View Article