Screen Saver Win2kR2
I support a DoD network and we use Retina Network Security Scanner to scan our boxes for vulnerabilities. We are in the process of testing Server 2008R2 so we can upgrade our server infrastructure and...
View ArticleFailed to save local policy database.
Hi i have recently gone through a few forums and found out that there was a hotfix for this error "Failed to save local policy database."unfortunately i couldn't find a hotfix suitable for windows...
View ArticleQuerying all users for a Security Group creation
Hello, I’m making a security group called “non-executive” so that I can make a deny policy for all users that are obviously non-executive for a folder called “ExecutiveX” as in only the CEO's can...
View Articlefdcc/usgcb xp firewall settings in the registry
I run vulnerability scans with Symantec's Secure Fusion. I am trying to verify that the Policy & Controls listed in the xp firewall standard profile are correct based on the fdcc/usgcb registry...
View Articlewindows xp firewall registry settings and fdc/usgb
I run vulnerability scans with Symantec's Secure Fusion. I am trying to verify that the Policy & Controls listed in the xp firewall standard profile are correct based on the fdcc/usgcb registry...
View ArticleAre "Virtual Accounts" more secure than "Local Service" accounts?
I see that a lot of Windows services can be configured to use "Virtual Accounts" rather than the built-in "Local Service" account.Is the former more secure than the latter? Would is be a good idea,...
View ArticleHow to install and start Bitlocker Recovery Password Viewer on Windows Server...
I have spent several hours trying to find documentation on how to set up full BitLocker recovery information on a Domain Controller in a pure W2K12 environment. There seems to be a lot of steps and...
View Article3-Tier PKI Root/Policy CA offline how to delete certificate/private key
Hi there,Were running a 3-Tier PKI with Win2k8 R2 and our Root and Policy CA servers are configured for offline, as added security what we did with our older Win2k3 R2 was to remove the certificate and...
View ArticleRevoked certificate does not remove
I 've implemented a Two-tier CA hierarechy . I got a cert from root for Issuer after that revoked that and got a new one.but now both of them are in Intermediate CA on all computers that are joined to...
View ArticleCertGetCertificateChain() method fails revocation check
Hi, We have implemented OCSP on our gateway using CertGetCertificateChain API. However, though certutil -url verifies the certificate on the gateway correctly, the API returns the following value in...
View ArticleFailed Logon Guest Account - Caller Process: Explorer.exe
Windows Server 2008 R2 -> Domain Machine but local Guest Account. Local Security Policy has Guest disbaled, GPO has Guest renamed but not defined on disabled/enabled.I'll focus on one machine, but...
View ArticleRevoke the certificate of user whose domain account is disabled/delete
Hello Everyone,Wanted to know whether can we revoke user certificate whose domain account is disable/delete. We have PKI infrastructure deploy. We have not issue certificate to users. Can anyone please...
View ArticleKtpass - Can't generate keytab file on first dc. What cause ?
Hello everyone !Yesterday i got a task to create a service account for SSO on our WebServer.1)Firstly i create AD user account and set the following names and pasword:Samaccountname:...
View ArticleUsing Proxy Authentication
Hello All,I am currently looking at various authentication options; one in particular is Proxy Authentication.What I want to know is does Proxy authentication work as read only or can it write password...
View ArticleSome settings are managed by your system administrator
In Internet Explorer 7, theSecurity tab of the Internet Options dialog box displays the following message to indicate that settings are managed by the system administrator: Some settings are managed by...
View ArticleSecurity risk of enabling: \\alias.domain name.com
Hi,I found the article below explaining how to enable the access via alias (add regkey: DisableStrictNameChecking).It works great but the kb doesn't mention if enabling this poses a security risk on...
View ArticleClik here to view.
CRLs for desktop clients not in a domain
Hello,I have built a lab environment - based on 2008 R2. I have created a basic two tier PKi solution - one offline Root CA and an issuing CA. Based on my limited knowledge this seems to be working...
View ArticleCertificate Authority Issue
I'm trying to renew an Exchange 2010 certificate but when I navigate to http://CAservername/certsrv and click "Request a certificate" then "Submit a certificate request......" to get to the renewal...
View ArticleRestore "account unknown" user profile Windows7
After accidentally remove user and computer from domain controller (Windows Server 2003), i was create new user with same old name on DC and rejoin my client PC (Windows7) to domain.As result i have...
View ArticleReset administrator password windows 7
How can I reset the administrative password for windows 7. There is only one administrator set up, no back up cd was made to recover password. Please help.
View Article