Edit .WFW file
Hello I've been poking at a MS Win 2k8r2 system looking to change the scope of all of the systems firewall inbound rules. Using netsh I was able to export the rules and thought it would be easy to edit...
View ArticleActive Directory Account - User Login not allowed
We have recently implemented SharePoint workflows in O365, using AD to select user accounts. This changed our internal processes to have AD account created for all company employee's regardless of...
View ArticleActive Directory - Certificate Services [Offline Root Security]
Good Morning, I have a bit of a polling question surrounding the acceptable practices securing an offline root certificate authority, as well as issuing CAs. It is my understanding that hardware...
View ArticleThe Microsoft Passport service failed
Hi,Lately a very strange thing happened on one of our DC.For 20 min I was unable to connect to a server, and during that time I was getting replication errors and probe health issues.(After 20 min,...
View ArticleNetbios domain and not full domain shown in Event viewer Audit logs
Hi all,I am monitoring user access events, Event Ids: 4768 They appear on the Event viewer under Windows Logs - Security - Audit Successe.g for 4768:TargetDomainName MOSHESometimes the...
View ArticleMicrosoft AD CS Certificate Enrollment Web Service/Enrollment Policy Web...
Hello, does anyone have any experience using the Microsoft Active Directory Certificate Web Enrollment Service (CES) and Web Enrollment Policy Service (CEP)? I am exploring this option to enable...
View ArticleSchannel error 36874
Hi We have getting error in our VDI infrastructure and it will encountered on RD gateway and RD web server ? Can i just ignore the error. Is this impacting the production ? Homer Sibayan
View ArticleService accounts
Hello,we are using a lot of accounts for some services like backup, scan-to-email, LDAP request on routers and etc. Previously such accounts have had unexpired password and everything was fine. But...
View ArticleMigrating CA from 2008 to 2016
I have CA installed on win server 2008 R2 SHA1 and I have to migrate it to windows server 2016 .All generated certificates with SHA1 should be still as it is but the certificate authority server shall...
View ArticleCredential validation failed - event id 4776
Hi,In one of our DC lot of audit failure logs captured from the multiple clients through the local user of clients. In client side checked and not sure from where it is getting triggered.Local user of...
View ArticleAD CS - Unable to Request Certificates from Certificate Authority
I've been battling an issue with our domain for a couple days now. A little background: We're attempting to migrate a standalone CA from our Windows 2008R2 system. We stood up two Windows 2019 servers...
View ArticleHow to update stale CDP url
I have a 2016 internal Enterprise CA with 3 versions of the root cert (from previous renewals) and within each of these cert versions, the CDP data shows stale (outdated) ldap and http url strings for...
View Article[SOLVED] Certificate Common Name Issue
Each time I issue a certificate, the common name is forcefully changing to User's name,
View ArticleImpact of deleting an old CDP entry from AD
I have a stale CDP entry in my AD domain from a previous Enterprise CA. I'd like to delete it because I suspect it may be causing issues however I see that there's still about 100 Issued certs that are...
View ArticleMS16-039 patches for Windows Server 2016
Dear Sir,I have an Windows Server 2016. After I scan with Nessus (Tenable). It is found that quite some .NET framework vulnerabilities. However some of the findings I cannot found any patch for...
View ArticleWinRM WEF over HTTPS
Hi All,I was successfully able to configure WEF over WinRM using a “Source Initiated Subscription” as detailed herehttps://docs.microsoft (.)...
View ArticleServer 2019 - Excessive Event ID 4763 (audit failure use of SeTcbPrivilege)
HiI have a new installation of Windows Server 2019 Version 1809 (Build 17763). I am seeing loads of Event ID 4763 in the Security section of the Event Viewer as below. (Yes, I have Audit Sensitive...
View ArticleRedirected folder issue after exactly 10 hours
Hive mind,I ave an issue whereby users are running inside a Citrix session hosted on Windows Server 2016. Redirected folders are being used, set by GPO and everything is working fine for exactly 10...
View ArticleHow to auto patch on Windows Server 2008 after January 2020
How to auto patch on Windows Server 2008 after January 2020, because windows server 2008 has EOL now. we have extended MAK key, how to update this MAK to 2008 servers and how to patch, Appreciate your...
View ArticleWhat are the steps to stop Windows 10 systems from generating/regenerating a...
I am currently in the process of removing all RDP self-Signed certificates from my windows 10 desktops and windows 2012/2016 servers. I have created instructions for this process for all administrators...
View Article