Encryption of 128-A
Dear Gurus, We are working on the encryption method of Code 128-A. We need any DLL or Code of 128-A from which we can make 128-A encryption. Your kind help will be very help full. Thanks Malik Adeel...
View ArticleClean up multiple Root Certificates from a CA
Hi, we have this old Win 2003 DC runs as a CA for our WiFi IAS authentication. It's been there for a while, so things got a bit messy.e.g. open \\caserver\certsrv\certcarc.asp , there will be 4...
View ArticleNew Domain Controller - Permissions Nightmare
Dear All,I have a file server with shares which has folders in them. Not very uncommon I hear you say, well these folders inside for various reasons don't follow the normalhierarchy top down...
View ArticleSCW kills DNS delegation for child domain during DCPromo
Hello again!I've taken it upon myself to build a development domain (a.k.a child domain) using Win2k8R2. Here's a rundown of the current parent domain:Both DC's have AD, DNS, static IP's, etc...I have...
View ArticleServer 2008 R2 File access auditing problem - getting too much noise from...
Hi I needed to setup auditing for the purpose of finding out who keeps deleting files from a specific folder on one of our file servers.I have accomplished this by turning on "Success" auditing in the...
View ArticleRestricted RPC dynamic ports on member server - do I need to restrict the DCs?
Hi there!My situation is as follows:We have some servers running SharePoint in a resource domain "A".The clients and user accounts are in domain "B", and there is a two-way trust between domains A and...
View ArticleCertification Authority - delete expired certificates
How to delete old certificates from enterprise sub ca?have got plenty of expired OCSP signing certificates , wanna delete all thoseplease advicethanksShaun
View ArticleCA Permissions to templates:
I have set up a Enterprise Root CA in a test environment since we want to authenticate our Clients with 802.1x and enrypt network communication by ssl. I installed the CA on a domain controller and the...
View ArticleJoin member to domain root CA is downloaded
Fact: when the member computer is joined to the domain, the AD-published Root CA certificate is pushed to the new member automatically.Question: is there any PKI MVP blog that describes this in more...
View Articlesome local users cannot logon to Windows 2003 / XP - "Access is denied"
Environment:All computers are in workgroup, no domain, about 250 XP professional with sp3, 250 Windows 2003 Standard servers with sp2, problems are affecting about 5% of the computers, but number...
View Articletest SCEP - error 503, service unavailable
Hello,I completed SCEP NDES installation on a Server 2008 R2 VM. When I access http://NDESserverFQDN/certsrv/mscep_admin using IE 8, it shows error 503, service is unavailable. In the IIS configuration...
View ArticleWhy can't a renewal period be 0 years?
I have a 2008 R2 root CA and a 2008 R2 Intermediate CA.I have created a custom template and assigned the Renewal period to be 0 years. When I try to enroll a certificate for the Intermediate CA, the...
View ArticleSmart card/signature approval before issuing a certificate
Hi all,I am building a three-tier PKI - offline root CA, Intermediate CA and Issuing CA.Currently, I have created a custom certificate template for the Issuing CA and checked the issuance requirements...
View ArticleDefault Security Protocols and Ciphers enabled in Server 2012?
Is there any information regards which Protocols and Cipher suites are enabled by default on Windows Server 2012?Is SSLv2 for example disabled?Thanks.
View ArticleMost Secure Infrastructure Setup for 3 Networks
I have 3 networks and they all need to be secure from each other yet be easily managed from a domain standpoint. Network A = Child domain Network (Secure network) Network B = Domain Network (Domain)...
View ArticleBrute force attacks and anonymous logon
HelloI have noticed that before the brute force attacks there is always a successful anonymous logon event from the same IP of the brute force attack, for example the successful anonymous logonAn...
View ArticleAdding certificate based credentials to windows vault
Hi, Is there a way to add certificate based credentials to the windows vault by using the command line? I tried cmdkey but it does not have a switch to add a certificate in the windows certificate...
View ArticleRemote Desktop Authentication certificate issued on every RD Configuration...
Hello,in several networks (several separate customers) I have this weird behaviour. I have created a new Remote Desktop Authentication certificate (1.3.6.1.4.1.311.54.1.2) and assigned it through the...
View Articlenew enterprise CA
will configuring new enterprise AD CS server in environment start issuing certificate immediately ? i mean will autoenrollment start immediately ?if yes..how can we avoid it ?thnx
View Article