Active Directory is Failing with Cert Error
My DC is failing with an error "A fatal error occurred when attempting to access the SSL client credential private key. The error code returned from the cryptographic module is 0x8009030d. The...
View ArticleApplocker and .api file types
I have enabled Applocker in audit mode and created both Publisher and DLL rules for most applications, but now on my audit logs i am getting .api files comming through via DLL Policy e.g:...
View ArticleIOCSPAdmin missing
I've been struggling getting the Online Responder configured in my test PKI setup. I used the this 2 tier PKI setup as my...
View Articletrust relationship between this workstation and the primary domain failed
Hi there,Does any body knows on how to fix The trust relationship between this workstation and the primary domain failed.Our network is windows server 2008 r2 , and affected windows computer is windows...
View ArticleUsage of third part CSP on Win Server 2008 R2 : CSP doesn't appear in list of...
Hi,I'm working on Windows server 2008 R2 Standard edition. I want to used a third part CSP developped by ourselves.Our CSP library is in 64bits version and located in system32 directory.I've added a...
View ArticleOnline Responder as Best Practice?
Hi,In addition to the usual CDP/AIA deployment for ADCS, what is the Best Practice these days around deploying the Online Responder?Is it Best Practice to deploy the Online Responder with all new ADCS...
View ArticleHow to generate cert request from my cert in mmc
Let's say a cert in my mmc is expiredI am unable to generate cert request using:All Tasks->Requests cert with new key or All Tasks->Renew cert with New key Both gives Enrollment error:An...
View ArticleClik here to view.
Windows Firewall. Internet and Intranet Predefined set of computers.
HiCan you please explain what do these sets mean according to firewall? Is there a documentation?Thanks!Любовь долготерпит, ...
View ArticleStore BitLocker key in AD
Hello,I'm an admin for an Office OU, which means I have delegation rights for my OU but I'm not a domain admin.I configured a BitLocker GP which should store the key also in AD in the computer object...
View ArticleMost recommended setting for Audit policy, password policy and account...
Most recommended setting for Audit policy, password policy and account log-out policy ? also please let me know if any special reasonthanks
View ArticleWorkplace join SSL Certificate
Is there anyone could help me about workplace join.I followed Technet "Setting up the lab environment"http://technet.microsoft.com/en-us/library/dn280939.aspxBut I still don't understand which...
View ArticleFile Encryption and PKI
Hello all i need your advice for the following issue...We need to encrypt specific directories and files, placed on our company file server, using Microsoft CA (PKI).Access to these directories may...
View ArticleEnabling file/folder auditing does not work
Hi everyone,I am trying to set up auditing on a directory that is shared on my file server. I tried it in many ways, but none works. This is my config :Primary Domain Controller running on Windows...
View ArticleHow to disable anonymous acces to ipc$ share?
hi all,due to security reason we have to disable all anonymous access shares etc through the settings of diable smb null sessions etc.we have set several GPO settings and can verify that the registry...
View Articlesysctr.com What is it?
From my windows workstation or server I can ping www.sysctr.com or sysctr.com and it comes back with a loopback address. Anyone know what this is for? Doesn't matter domain or non-domain PC. Windows...
View ArticleGenerate public/private key pair
Hello AllWe have Windows 2012, AD CS is installed with "Certification Authority" role. We have requirement from development to generate public/private key pair. How do I do this ?Thanks
View ArticleWhy is the Version 4 template feature "ability to organize providers in order...
I was reading the what's new page for 2012 AD CS and I don't understand something I read:"Administrators can configure certificate templates so that Windows 8, Windows 8.1 Preview, Windows Server 2012,...
View ArticleNTFS Permissions
I have two security groups, Authenticated Users which is built in and Conference Rooms. I give the Modify permissions on all shares to Authenticated Users and the Write permission on Conference Rooms....
View ArticleHow to find encrypted files on clients and decrypt them
Hi,Like the title says, we have enabled EFS on our clients years ago and the administrator enabling has left and none now seem to know which computers are using EFS today.We have GPO´s in each of our 4...
View ArticleExport the CAExchange certificate out of Microsoft Strong Cryptographic...
We currently have our own Production PKI environment set up complete with HSM backend. In a nutshell, we are running into a problem where the ADCS is notifying us that it cannot use the CSP with 86 and...
View Article