System account logon failures
Hi,We are experiencing numerous logon failures by a system account on a newly installed 2008R2 Server running Symantec's CCS 11 application. The account seems to be invoked by a lsass.exe process....
View ArticlePKI Migration from Domain A to Domain B
Hi People, is there any documentation on Migration of a mature PKI solution to another domain. What I mean by another domain is, the company I work for has been taken over and instead of being called...
View Articleadmin audit logs
Dear Team,I want to enable admin audit logs on Active directory and Exchange servers and to know how to read and trace logs if any user made any changes and run command so it can be capture.
View ArticleCEP not working on Server running CEP (WS_E_ENDPOINT_FAULT_RECEIVED)
Hi Everyone,I try to hunt down the following issue i get with a deployment of mine.My deployment looks like the following:Issuing CA running on Server 1IIS for CRL, CEP, CES and NDES running on Server...
View ArticleCertificate Enrollment - Error
I am getting the following error when I have the setting for delegation "Trust this computer for delegation to specified services only" and have it set to "Use Kerberos Only" with having "Host" and...
View ArticleHow to verify credential roaming is working for user certificates?
I applied a GPO for credential roaming and I know the GPO is successfully applied to the computer because other settings in the policy are working.How do I verify credential roaming of user...
View ArticleLimit Certificates Visible In Web Enrollment Page?
We want only certificates that require CA Certificate Manager approval to be available in the web enrollment page. Users who need to request user certificates from devices not joined to our domain...
View ArticleX.509 SSL Self-Signed Certificate
Hi,We run a nessus scan on our domain and getting alerts regrading SSL certificate which is assign to...
View ArticleEvent 7040 -- System keeps changed startup mode on SQL Server Services
We have a Windows 2016 server that is used to host a SQL Server database instance. Services "SQL Server (MSSQLSERVER)" "SQLSERVERAGENT" keep getting reverted from startup mode automatic to manual...
View ArticleCertificate Services - CES/CEP Returning Invalid Function when trying to...
When using ADCS CES/CEP Proxy to ENroll for a Computer Certificate, I am given the certificate template that is available, but when it goes to actually enroll I get the following error in...
View ArticleAD CS Cluster problem
Hi, I have a problem with the setup of an AD CS cluster. I have followed the “007-008669-001_Microsoft ADCS_Integration Guide_RevN.pdf” but it still doesn’t work. Environment: Two tier PKI...
View ArticleIssue with Certificate Authority Certificate renewal with existing Keypair
We have a two tier Pki with offline Root CA and enterprise issuing CA with Safenet HSM, Now we are in the process of renewing the issuing CA certificate validity. But we are unable to renew the same....
View Article802.1X on a non-domain Radius (NPS) server
hi all,we deployed a non-domain windows server 2012r2, and enable radius (NPS) for the wifi client authentication via 802.1x and after we setup everything, all the smartphones able to connect to the...
View ArticlePort Enable in Firewall
Hi All,I have enable these ports "137,138,445" on windows server 2012 r2 firewall in base server and in VM also but still this port showing blocked.We have to open these ports for sharing purpose to...
View Article[Windows Server 2016] CRL Distribution points not working with certutil -setreg
Hi,I'm currently setting up a Root Certification Authority with CAPolicy.inf file and post installation script afterwards. I noticed, that with setting the CRL Distribution Points with "certutil...
View ArticlePKIview Snapin on 2012
Hi,Am doing my first Windows Server 2012 ADCS install and cannot seem to find the PKIview snapin (Enterprise PKI) that was in server manager in 2008 R2. Has this been removed? If so what is the...
View ArticleUser certificate store
I am facing an issue with a website in IE . This is an external website and i get error message Certificate Not trusted.It looks like the intermediate certificate is missing .I downloaded the...
View ArticlePhoneFactor mobile app activation code URL incorrect
Hi, I have multiple sites (all independent with their own domains) with functioning Multi Factor Authentication Server. I'm in the process of getting the mobile app working and have been successful on...
View ArticleClik here to view.
Azure web app certificates
Hello,We have our internal CA and our web app is hosted in Azure. We have installed cert on Azure web app which is issued by our internal ca. By this setup I should be able to access my webapp from our...
View ArticleMBSA 2.1 How export reports
Hi.I want to scanning remote computers using MBSA 2.1 but I want to export the reports to XML or SQL Database. I was reading the option /xmlout but this option only is limited to security scan (no...
View Article