Threads Replies Last Post 11 Pages: 1  2  3  4  5  6  7  8  9  10  11   Managing SSL certificates Platform: Server 2003 R2 SP1 (IIS6.0) I'm trying to get a SSL server cert installed. The information I have says: To assign a server certificate to a Web site: 1. In IIS Manager, expand the local computer, and then expand the Web Sites folder. 2. Right-click the Web site or file that you want, and then click Properties. Depending on whether you are configuring a Web site or a file, ... 5 10/16/2008 8:00:56 AM Fatal Execution Engine Error Hi, We are having a problem for our application which runs on Windows 2003 server and .Net Framework 2.0 SP1. Our program crashes randomly and when we look at the event log the error is "Fatal Execution Engine Error" We have reinstalled framework and we applied the hotfix (63) but it didn't solve the problem. Our program serves for disaster and it is very important and urgent for... 4 10/14/2008 4:39:11 PM Authentication againts ADS Dear members, I need some inputs for the following scenario: (1) the java application (JAPP) running on Windows XP, which is part of an NT-Domain (2) the user (USER) on this box is logged in the NT-Domain (3) the JAPP access a server (SERVER) via HTTP / HTTPS (4) the SERVER should be authenticate the USER againts ADS without requiring password from USER ans without using Kerberos. Is... 3 10/7/2008 3:56:20 PM Blocking NT Authentication Attempts I'm using server 2008 standard as a web host. I'm occassionally seeing a number of failed outside attempts to login to the server w/ false credentials (hammering). Is there any way to prevent this? Is there a port I can block to keep people from attempted authentication (windows)? Maybe a good way to say "after 3 bad auth attempts, temporarily block IP"? - Thanks in advance!... 2 10/7/2008 3:16:36 AM LDAP authentication with Internet Explorer We are trying to authenticate to our Windows 2003 AD using LDAP with Internet Explorer. We get it to work with CN= "name" but we cannot get it to work with sAMAccountName="name". Has anyone tried to do this before? ... 2 10/6/2008 6:57:25 PM Computer certificates for non-domain systems Hello everybody! We'd like to deploy a VPN with EAP-TLS authentication. Unfortunately, some of our system are not member in the AD-domain. Now - maybe a stupid question - how can I get a computer certificate for those machines? Deployment via MMC doesn't work and the web-based enrollment doesn't show the opportunity to get a computer certificate either. The OS on those system in XP S... 4 10/6/2008 6:23:11 PM Editing Basic Contraints / Certificate Policies Hello everybody, I so far unsuccessfully tried to set the basic contraints option in my issuing CA after I set up the CA. Is there a certutil command which is able to set this attribute so each certificate I issue with this CA has this basic contraints attribute? Is there a certutil command with which I can add a user notice text such as "This certificate is for testing purpose only,... 3 10/6/2008 2:48:27 PM Active Directory Attribute security What delegation of authority would I have to give to give someone the right to edit the city attribute. I know that in ADSIEdit city is represented buy the attribute l. But when I look through the user objects in the Delegation of Authority neither city or l is avaiable. I tried using the advanced security and was able to find l under account objects but that did not provide the necessa... 2 10/5/2008 4:49:38 PM How to use registry to lock the Audit Policy May I ask which registry code can be used to lock the Audit Policy Setting of the Local Policies, thanks. OS : Windows 2000 Server SP4... 1 10/5/2008 12:07:01 PM Block Remote Authentication (hammering) I have a server 2008 standard box running websites. I check the Security log, and there are consistent login attempts all over the place, I do my best to block the IPs using IP policy, but they still come. I'm wondering if there is a better way to simply block them out w/o adding IP by IP.... 2 10/5/2008 3:53:30 AM Bad SIDS on file server - does it cause performance issues Hi, We have a very large file server. The entire directory structure has NTFS permissions applied. Several of these permission rules are bad SIDs i.e. the accounts no longer exist / cannot be resolved to active directory accounts. Can anyone tell me if this causes any performance issues with users trying to access files ? Regards Michael... 2 10/3/2008 1:07:49 AM How to add a subject alternative name to a request? Hello, I'm writing a VB Script based on Brian Komar's Enroll.vbs which allows an enrollment agent to enroll for email certificates on behalf of other users. So far everything works as it is supposed to. The last problem I need to solve is: How do I add an subject alternative name to the certificate? I found out that the ICertRequest2::Submit Method allows for something called "str... 1 10/2/2008 1:59:00 PM Safely change the Administrator accounts and names 2003 server Can I safely change the Domain Administrator account password and name and still have access to domain clients? I'm concerned that once I change the administrator account I won't have access to the clients and will have to bring them all back into the domain to get the GPO security back. Any cached policies would still be on the laptops untill they login into the domain correct? Do I even ne... 2 7/13/2007 4:56:45 AM Domain Controllers grabbed Certificates from wrong Cert Authority we use a microsoft cert authority to allow Peoplesoft to authenticate against our AD. Another tech setup his out cert authority and now our DC's have all switched to that instead of the proper Cert Authority. How can i switch the domain controllers certificate to the proper cert. Is it as simple as revoke the bad cert disable the rogue cert authority then request new certs? ... 1 7/12/2007 4:32:00 PM Restrict AD-User to one X509 Certificate per Certificate template? Is it possible to configure an Windows 2003 Server CA-Template (V2) to restrict AD-users to have only one certificate issued per template at a time? Renewal should of course still be possible... ... 1 7/12/2007 4:18:59 PM RPC Security Service fails to start on Windows 2003 Server Whenever I start this Windows 2003 Server, the RPC Security Service fails to start. Does anybody know what could cause this? What does this service do, and could be the consequences of this service not running? Is the server vulnerable without it? What steps could I take to make sure it does run? Thanks ... 2 7/12/2007 3:24:15 PM File Security I have aW2K3 server that belongs to a domain. I would like to set security privileges for files with the authority being the directory that is the domain controller. However the locations only shows the local host (the server itself). What do I need to do to see the Directory from the domain controller > Thanks, RM. ... 2 7/12/2007 3:26:34 PM Block Remote Control Hi; Working on Win2003, how do block the Remote Control in my user session. Tks. Alvaro... 8 7/12/2007 6:39:15 PM Selective Security Wipe Wondering if anyone has a suggestion for how to perform selective deletion of data from multiple servers and volumes, that will meet DOD erasure standards when completed? One of our clients is not using our services any longer and has requested all data pertaining to their business, be deleted from any and all servers. Obviously backups will need to be addressed, but there are over 40 serve... 2 7/13/2007 4:53:04 AM Sharing encrypted folder Environment: Server2008-x64 enterprise, XPpro SP2 client. I want to set up a shared encrypted folder on Server2008, so I: 1.. Logged on the server as admin and created folder "secure", marked it as encrypted. 2.. This new encrypted folder inherited full-control access permissions from user x. 3.. I go to my XP machine, map a network drive to "secure" using user x. So far, so go... 2 10/9/2008 3:08:57 PM URGENT: Windows XP does not apply custom template policy I designed a custom group policy template -for some computers in my domain- that applies some registry changes. The problem is that is Windows XP loads the group policy object but it does not apply custom policies!. (I use rsop.msc and the GPO is successfully applied) What should I do? My domain function level is Windows 2000 mixed. Is this related? Thanks! ... 5 10/11/2008 5:38:21 PM EFS question Environment: AD controller (ADC) running Server 2003 R2 SP1, storage server (SS) running Server 2008 SP1, desktop (DT) running XP pro SP2. I want to establish an encrypted folder on SS from DT, so I: 1. Approved SS for delegation at ADC (all services, Kerberos); 2. On DT I created a folder "Secure" on SS and attempted to encrypt it; error message said "The requested operation requires del... 2 10/13/2008 12:41:52 PM Where's this logon attempt coming from? Hi, I recently had someone get into our servers and run a script to attempt logons. The found a weak password and then logged in as that User. I was able to track where that activity was coming from, but the original scan for the passwords...those have been difficult. Here's a sample logon from the script: Logon Failure: Reason: Unknown user name or bad password User Name: justin Do... 1 10/22/2008 1:57:01 AM Change default certificate duration ? Hi, we have a root CA and every certificate request has a validity period of 1 year only. Please could you tell me how can I change this default value ? Thanks -- Eric ... 4 10/22/2008 7:50:50 AM Are these 529s hacking attempts or some other problem? I have a client's server which occasionally will generate a large number of Failure Audit 529 events every 15 min for several hours hours. I am having trouble researching becase the username in the event is MAIL$ and google doesn't handle that well and returns everything with the word MAIL in it - not all that useful. Below are the details of the event. They have no users or workstations ... 2 10/23/2008 2:40:58 PM 11 Pages: 1  2  3  4  5  6  7  8  9  10  11