Clik here to view.
CA continuously autoenrolls to the same client computers
This problem might be related to the following problem I have explained in this thread: http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/da890a64-736e-4bae-b9d8-427a5cf3a0edFor...
View ArticleMSSQLSvc service not available for delegation
I am trying to give MSSQLSvc delegation to domain user account, but MSSQLSvc service is not available for delegation. We have SQL 2008 R2 installed in cluster. we tried registering SPN, but no success.
View ArticleDomain Controller Authentication Certificate Template is not getting...
Manual request to Domain Controller Authentication template is compliting successfully. Even I tried pulse switch but no success. I checked the permission on template - Enroll and Auto Enroll. Please...
View ArticleOCSP Siging template issueing certificate frequently
OCSP Signing template configured with 1 year validity, still I can see many issued certificate using this certificate template. Is this default behaviour. Thanks
View ArticleFIM CM Installation in Failover Enterprise CA Cluster
Hi,We are planning to install FIM CM. We have Enterprise CA installed in Failover cluster. I am going through installation document. I want clarification whether should I also need to install FIM CM CA...
View ArticleAdmin shares available to non-administrative users over loopback address
I have several RemoteApp hosts, they all have MS excel installed. All hosts are covered with multiple lockdown technologies including Applocker, Group Policy and IPSec. All drives are restricted via...
View ArticleMethods for Restricting Access to Server Data and Alerting on Security Breaches
We are about to see if it is possible to work with a Hosting Provider to outsource the support of the OS on our server estate. One key requirements is that the hosting providers staff should not be...
View ArticleThe Windows Filtering Platform has blocked a connection.
Hi,I am attempting to install a new release for an application that is installed on a Windows Server 2008 R2 Box. The installation fails immediately with an unhandled exception. Looking through the...
View ArticleCryprFindOIDInfo is Returning NULL on Windows Server 2008 r2 with 2008 AD Schema
I can sucessfully retrieve a certificate name using a certificate template OID when calling the CryptFindOIDInfo API from a Windows 2008 R2 CA that’s part of windows 2003 AD. The same API call always...
View ArticleHow to increase response time for revocation detection through OCSP
i'm new to managing certificates using microsoft's adcs, so i apologize in advance for my lack of familiarity and expertise. so i'm trying to test to see how quickly i can detect through ocsp that a...
View ArticleAccessing WEB sites with Certificates takes too long on Windows Server 2008...
Hello,I wonder if somebody can help me clarifying this issue.I have installed Windows Server 2008 R2 Standard with SP1 on a new server. All Users (direct connected or remote desktop connected) do...
View ArticleClik here to view.
Problem Running Security Configuration Wizard On 2003 R2 Servers
Hi,I'm trying to run SCW on 2k3 R2 SP2 servers. After the "Select Server" stage, I get the error: "The selected server must be running Windows Server 2003 Service Pack 1":Tried to remove SCW and...
View ArticleClik here to view.
Certificate Auto Enrollment / Automatic Certificate Managment a good idea?...
STD Server 2003R2 / 2008R2 (NON SBS Domains)Hello,1) In general i wanted to know if Certificate Auto Enrollment is a good idea. I have seen this at some customer sites and never used it.I guess in...
View ArticleClients using wrong Certificate Authority for certification requests
Dear NC,I have a Root CA in a Forest under root.domain.tld and a child CA under child.root.domain.tld. Both CAs are configured to autoenroll certificate requests. Now from time to time it happens, that...
View ArticleSpecify the Issuance Policies in Certificate Template
HiI am trying to specify the issuance policy with a newly created certificate template in our subordinated CA. I already got OID and CPS location and tried to put this information by "New issuance...
View ArticleCert Temp does not show my duplicated temp
I create a custom Temp in issuer CA and can see that temps when request cert from MMC. but when I request a Cert from web based CA program, it doesn't show me that in cert temp list.what is the...
View ArticleKill expired SBS certificate
We were running a SBS2003 server and have since (around 2 years ago) migrated off of SBS and currently have Windows 2008 r2 domain controllers and Excahnge 2010. Recently, all the systems have been...
View ArticleAlways Access Denied when choosing Automatically Enrol and Retrieve...
I am using 2008 R2 Certificate Services to issue certs across multiple forests (although don't let that muddy the waters).I have a need to issue certificates for use with s/ldap, so I have duplicated...
View ArticleGroup policy on password hash stored
Dear, Can you please let me know how can we keep stored hashes of last (exp 5 users) on windown 7 machine ?Thank you BAng
View ArticleNPS Error 4625 + NPS Error 6273 (Code Reason 295) Autenticating Computers for...
We have a CA Root(Offline) and a Subordinate CA (Online) which gives certificates for computers via GPO. Everything works well in our test environment (DC Active Directory,Microsoft NPS RADIUS,...
View Article