Core Infrastructure and Security Blog - Microsoft Tech Community

Microsoft Tech Community

Options

2,507

Zoheb Shaikh on 02-13-2020 12:00 AM

Hi all! Zoheb Shaikh here again, and this time I will be sharing an interesting script to alert on Expiring certificates...

4,486

John_Clyburn on 02-10-2020 12:00 AM

Hello everyone, my name is John Clyburn and I am a Sr. consultant in MCS. I’ve recently been working with SCVMM 2019. I ...

2,934

Tim_Beasley on 02-06-2020 02:10 PM

Ever wonder how potentially vulnerable your tenant is in Azure? Learn how to enable the vulnerability assessment check i...

1,491

hspinto on 02-04-2020 07:21 AM

Learn how to use Azure Automation Hybrid Worker in on-premises scenarios where you need to authenticate against local re...

7,097

Jon Warnken on 01-30-2020 06:53 AM

With the end of support for Windows 7, Windows Server 2008, and Windows Server 2008 R2 on January 14, 2020, many of our ...

1,358

Sean Greenbaum on 01-28-2020 09:19 AM

In this post, lets look into how to convert ETL files captured by NETSH into a .PCAP file format that can be used by oth...

795

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Dec 12, 2018 Hello all, Tochi Ezebube here again from the Active Directory Certificate Ser...

518

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Mar 12, 2018 Wes Hammond here from Premier Field Engineering.

396

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Feb 24, 2017 Hey Everyone,A little while back I posted this article to my own personal blo...

317

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Nov 30, 2016 Hi there!This is Tochi Ezebube with the Active Directory Certificate Services...

343

Amer_Kamal on 01-24-2020 02:10 PM

First published on TECHNET on Oct 19, 2015 Update: This page has been removed.

357

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Jul 24, 2015 A fellow engineer at Microsoft, Roger Grimes, has published a great article o...

369

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Apr 26, 2015 Setting up NDES using a Group Managed Service Account (gMSA)Hallo everybody, ...

417

NoMoePwds on 01-24-2020 02:09 PM

First published on TECHNET on Sep 08, 2014 Hey Everyone, I am back with the last part of this 3 of this series on TPM pr...

403

NoMoePwds on 01-24-2020 02:08 PM

First published on TECHNET on Jul 15, 2014 Hey Everyone, I am back with part 2 of this 3 part series on TPM protected ce...

389

NoMoePwds on 01-24-2020 02:07 PM

First published on TECHNET on Jun 05, 2014 Hey Everyone, This is Wes Hammond with Premier Field Engineering back to shar...

334

Amer_Kamal on 01-24-2020 02:07 PM

First published on TECHNET on Apr 28, 2014 Hello All, This is Wes Hammond with Premier Field Engineering back with follo...

317

Amer_Kamal on 01-24-2020 02:06 PM

First published on TECHNET on Mar 05, 2014 Hey everyone this is Wes Hammond from Premier Field Engineering and I wanted ...

301

NoMoePwds on 01-24-2020 02:05 PM

First published on TECHNET on Feb 21, 2014 Digital certificates are a key mechanism for establishing identity on the Int...

304

NoMoePwds on 01-24-2020 02:05 PM

First published on TECHNET on Jan 08, 2014 For those that missed the big news on the Ask Premier Field Engineering (PFE)...

262

Amer_Kamal on 01-24-2020 02:05 PM

First published on TECHNET on Sep 19, 2013 A common question in the field is about upgrading a certification authority r...

315

Amer_Kamal on 01-24-2020 02:05 PM

First published on TECHNET on Aug 27, 2013 Working with Internet Information Services (IIS) certificates can be a bit ch...

273

NoMoePwds on 01-24-2020 02:05 PM

First published on TECHNET on May 08, 2013 Paul Fox has uploaded a revision of his former Windows PowerShell CRL Copy sc...

263

NoMoePwds on 01-24-2020 02:05 PM

First published on TECHNET on Mar 22, 2013 Tonight I spent a couple of hours reorganizing the PKI Documentation and Refe...

303

Amer_Kamal on 01-24-2020 02:05 PM

First published on TECHNET on Mar 21, 2013 Windows Server 2012 System State Backup allows an administrator to back-up se...

283

NoMoePwds on 01-24-2020 02:02 PM

First published on TECHNET on Mar 08, 2013 I have consolidated and updated two command line utilities recently:CertreqCe...

256

Amer_Kamal on 01-24-2020 02:02 PM

First published on TECHNET on Dec 27, 2012 It is very common to check the configuration of any certification authority u...

266

Amer_Kamal on 01-24-2020 02:02 PM

First published on TECHNET on Dec 20, 2012 Many customers must perform a regulatory audit annually to comply with indust...

247

NoMoePwds on 01-24-2020 02:01 PM

First published on TECHNET on Dec 10, 2012 Hi there, I am a test engineer in the Windows team working on certificate enr...

255

NoMoePwds on 01-24-2020 02:01 PM

First published on TECHNET on Oct 08, 2012 A new feature is available in Windows Server 2012 and Windows 8 that allows y...

Latest Comments

in LDAP Channel Binding and LDAP Signing Requirements - March update NEW behaviour on 02-18-2020

Hello, The ADV190023 was updated, but below article still states that the hardening will be enforced in March 2020:https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirem... "Microsoft intends to release a security update on Windows Update to enable LDAP ...

0 Likes

in LDAP Channel Binding and LDAP Signing Requirements - March update NEW behaviour on 02-18-2020

@Evgeny -- The official advisory ADV190023 was updated about 2 weeks ago. Please refer here -- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023

0 Likes

in LDAP Channel Binding and LDAP Signing Requirements - March update NEW behaviour on 02-18-2020

Hi @Alan La Pietra Thank you for information. The article says "This information is preliminary and is subject to revision.This article is a living document, written over time and is subject to change. When guidance presented in this article is in direct conflict with official documentation, one mus...

0 Likes

in LDAP Channel Binding and LDAP Signing Requirements - March update NEW behaviour on 02-16-2020

@amyknight @jdobiash Event 2889 occurs with Unsigned and Signed SASL Bindings over port 389 /3268 (GSSAPI / TLS). As I understand, there is always one unsigned LDAP SASL Bind (to get the KerbTicket or the certificate), and the DC accepts this. After that, the LDAP SASL Bind can be processed. So even...

0 Likes

in Preparing to Deploy Extended Security Updates on 02-14-2020

This is very descriptive and informative. Thanks for putting this together!

0 Likes