Issuing Certificates in different AD Forests
I have a requirement to design a CA Infra. We have multiple AD Forests and are looking to issue certificates to various devices within each of these forests. Can i still build a Ent Sub-CA and issues...
View ArticleThe value in the "CSP" field appears as "Loading" when you use the Advanced...
To whom it may concern,We are getting this message 'The value in the "CSP" field appears as "Loading" ' when we are trying to get an ubuntu linux machine to enroll for a certificate and it will not let...
View ArticleEAP-TLS (PEAP) Wireless 802.1x - User and Computer Auth. - First user login
I am having trouble in a Wireless 802.1x EAP-TLS (PEAP) environment using Windows Server 2008 R2 & NPS (AD PKI environment in place & working). Computer and User authentication via certificates...
View ArticleNeed an online- rather than LDAP-based CRL when issuing user certificates...
Hello,The Active Directory Certificate Services feature is working great for us--just one problem. When user obtains a certificate from Web Enrollment, the CRL is LDAP-based: [1]CRL...
View ArticleAdd windows firewall with advanced security log to windows 2008 event viewer
Hi all, I would like to see wether who is turn Windows Firewall ON or OFF and at what time on Windows 2008.As what I had checked I could see this on Windows 7 (Event Viewer/Applications and Services...
View ArticleWindows Server 2008 R2 NTFS Permissions
How to allow user to create folder but deny the same user to delete the same folder after creation?
View ArticleAccess to a networked server using a local login
Hi thereWe have 2 networked servers, and we remotely login onto the machines using a local login, is it possible to access a drive on one of these from the other?Thanks
View ArticleChange single tier PKI into two tier PKI with temporary coexistance
Hello,i got some questions about a soft pki migration.in our active directory environment there is a single tier pki installed. One Root CA holding the root certificate and issuing every used...
View ArticlePrevent user from file overide
Hi,I would like to prevent our workers from being able to overwrite an existing file, instead forcing them to have to do a 'Save As' process.So they should be able to open a file but only able to save...
View ArticleImplementing Network Device Enrollment Service in a User Forest / Resource...
Hello, We have a Windows 2008 R2 User Forest / Resource Forest configuration, where users authenticate to Domain Controllers in the User Forest, but access resources such as Lync and Exchange in the...
View Article401 - Unauthorized: Access is denied due to invalid credentials
After installing MSCEP, enter http://Server2008/certsrv/mscep_admin in the browser.Enter correct user name and password in pop-up box. Windows 2008 keeps rejecting the correct user name and password....
View ArticleValid Certificate not showing up in Issued Certificates on CA
We recently got bit by a certificate that was somehow issued by the CA, but does not show up in the issued certs list.The short version of the story is we had an old 2003 standalone CA that we believed...
View Articlecredential roaming over the long term
Hello,I understandhow thecredentialroamingworks.Spite of everythingI stillseveral question.I have made some test to implement credential roaming. My certificates are made for use Smime.When a...
View ArticleADCS and RDS
HelloWe've built an RDS farm using RD Web and RD Gateway. We've applied a public wildcard certificate to the external facing components RD Gateway and RD Web.From my understanding to allow SSO to...
View Articlevirtual labs - holLaunchPadOnline.application require admin?
We have a team that is unable to run the latest holLaunchPadOnline.application files that come down from http://msdn.microsoft.com/en-US/aa570323.aspx. When you try to execute you receive a message...
View ArticleLogon hours restriction doens't work on a client computer joined to a Domain...
I setup a Logon Hours restriction in the Account tab\Logon Hours button in AD users and Computers, logon hour restriction works only on a server computer but not on a client computer joined to a Domain...
View ArticleJoining another CA authority server to existing PKI environment
Our current environment has our 2 Enterprise CA servers running Windows 2008 Standard. We need to create and use version 2 templates. The CA servers won't allow us to do this. These servers are...
View ArticleUsing CA hostname (netbios name) as CA name
On the Microsoft Technet page here: (http://technet.microsoft.com/en-us/library/cc770402.aspx) it is stated that "The CA name should not be identical to the name of the computer (NetBIOS or DNS name)."...
View ArticleReset password by SYSTEM?
Hi Guys,Our customer has security issue now, some users have been reset password by SYSTEM account like below:---------------------Log Name: Security Source:...
View ArticleWindows server 2008
I have windows server 2008 R2, in that I have created one OU in that I have created all the domain users. Now I want to give access to domain users to enable/ disable LAN card? Please help me......
View Article