cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Core Infrastructure and Security Blog
Copied!
Home
Options
278

Group Protected PFX

NoMoePwds on 01-24-2020 02:01 PM
First published on TECHNET on Oct 08, 2012 A new feature is available in Windows Server 2012 and Windows 8 that allows y...
270

Blocking RSA keys less than 1024 bits (part 3)

NoMoePwds on 01-24-2020 02:01 PM
First published on TECHNET on Aug 14, 2012 Microsoft released a security advisory, KB article, and software update for a...
210

Blocking RSA Keys less than 1024 bits (part 2)

NoMoePwds on 01-24-2020 02:01 PM
First published on TECHNET on Jul 13, 2012 On August 14, 2012, Microsoft will issue a critical non-security update (KB 2...
215

How to determine if a smart card was used for logon

NoMoePwds on 01-24-2020 02:00 PM
First published on TECHNET on Jun 18, 2012 Fabian Müller, Premier Field Engineer (PFE) in Germany, just wrote a detailed...
185

RSA keys under 1024 bits are blocked

NoMoePwds on 01-24-2020 02:00 PM
First published on TECHNET on Jun 11, 2012 Public key based cryptographic algorithms strength is determined based on the...
124

Announcing the automated updater of untrustworthy certificates and keys

NoMoePwds on 01-24-2020 01:59 PM
First published on TECHNET on Jun 11, 2012 There are a number of known untrusted certificates and compromised keys that ...
174

Request File Can’t be Located during CA Certificate Renewal

Amer_Kamal on 01-24-2020 01:59 PM
First published on TECHNET on May 29, 2012 During my work with a customer renewing their Issuing CA’s certificate based ...
130

Visual Basic for Applications and SHA2

NoMoePwds on 01-24-2020 01:59 PM
First published on TECHNET on May 03, 2012 I was recently helping a customer deploy a SHA-256 based PKI.
131

Best Practice for Configuring Certificate Template Cryptography

NoMoePwds on 01-24-2020 01:59 PM
First published on TECHNET on Apr 27, 2012 Starting with Windows Vista and Windows Server 2008, the option to utilize Ke...
123

Network Device Enrollment Service (NDES) now on the TechNet Wiki

NoMoePwds on 01-24-2020 01:58 PM
First published on TECHNET on Apr 18, 2012 The Network Device Enrollment Service (NDES) whitepaper is now on the TechNet...
128

Offline CA articles posted to the TechNet Wiki

NoMoePwds on 01-24-2020 01:58 PM
First published on TECHNET on Mar 18, 2012 Amer Kamal recently posted two articles regarding the security and maintenanc...
121

HSPD-12 Logical Access Authentication and 2008 Active Directory Domains on Download Center

NoMoePwds on 01-24-2020 01:58 PM
First published on TECHNET on Mar 14, 2012 A follow-up document to the original HSPD-12 Logical Access Authentication an...
146

Connecting iPads to an Enterprise Wireless 802.1x Network Using Certificates and Network Device Enrollment Services (NDES)

Amer_Kamal on 01-24-2020 01:58 PM
First published on TECHNET on Feb 27, 2012 Important notice: Microsoft does not support any apple products, if you need ...
148

Decommissioning an Old Certification Authority without affecting Previously Issued Certificates and then Switching Operations to a New One

Amer_Kamal on 01-24-2020 01:57 PM
First published on TECHNET on Jan 27, 2012 Jonathan Stephens posted an excellent Blog about this topic; however, it didn...
122

EFS Certificates may be recovered as CNG certificates when CAPI CSP is required

NoMoePwds on 01-24-2020 01:57 PM
First published on TECHNET on Jan 23, 2012 If a Key Recovery Agent (KRA) certificate is stored in a Cryptography Next Ge...
149

Windows PowerShell script for Setting up a CA on Windows Server 2008 and Windows Server 2008 R2

NoMoePwds on 01-24-2020 01:57 PM
First published on TECHNET on Dec 08, 2011 Microsoft MVP, Vadims Podans, has written and posted a Windows PowerShell scr...
142

Key Recovery vs Data Recovery Differences

Amer_Kamal on 01-24-2020 01:56 PM
First published on TECHNET on Oct 28, 2011 I am often asked when talking to my customers about the differences between K...
169

How to decommission a Windows enterprise certification authority and how to remove all related objects

NoMoePwds on 01-24-2020 01:56 PM
First published on TECHNET on Oct 07, 2011 The Windows KB article 889250 titled "How to decommission a Windows enterpris...
124

Does Enterprise PKI (PKIVIEW) support OCSP?

NoMoePwds on 01-24-2020 01:56 PM
First published on TECHNET on Oct 07, 2011 A common question from certification authority administrators is "Does Enterp...
119

Updated requirements for a Windows Server 2008 R2 domain controller certificate from a 3rd party CA

NoMoePwds on 01-24-2020 01:56 PM
First published on TECHNET on Sep 28, 2011 Ingolfur has written a blog post as well as a TechNet Wiki article describing...
110

Windows 8 Developer Preview and AD CS / PKI: Cannot Get a Certificate from Web

NoMoePwds on 01-24-2020 01:56 PM
First published on TECHNET on Sep 14, 2011 If you are using Windows Developer Preview and have difficulty obtaining or d...
91

Internet Explorer 9 and Certificate Enrollment using Certificate Authority Web Enrollment

NoMoePwds on 01-24-2020 01:55 PM
First published on TECHNET on Aug 18, 2011 If you run into an issue where you are unable to download or save certificate...
81

Active Directory Certificate Services Frequently Asked Questions - needs your help!

NoMoePwds on 01-24-2020 01:55 PM
First published on TECHNET on Aug 08, 2011 If you have commonly asked questions about certificate services or PKI that y...
53

AD CS Content Updates

NoMoePwds on 01-24-2020 01:55 PM
First published on TECHNET on Aug 03, 2011 The following documentation updates have been recently made:AD CS: Deploying ...
43

Important Security Update for Windows Server: Active Directory Certificate Services Web Enrollment!

NoMoePwds on 01-24-2020 01:55 PM
First published on TECHNET on Jun 14, 2011 An important security update, described in MS11-051 (http://go.
93

Implementing LDAPS (LDAP over SSL)

NoMoePwds on 01-24-2020 01:55 PM
First published on TECHNET on Jun 02, 2011 LDAP over SSL (LDAPS) is becoming an increasingly hot topic - perhaps it is b...
55

Deployment of the new Federal Common Policy CA Root Certificate

MS2065 on 01-24-2020 01:55 PM
First published on TECHNET on Mar 13, 2011 BackgroundOn December 1, 2010 the Federal PKI Management Authority (FPKIMA), ...
41

CA manager approval required for certificate re-enrollment

NoMoePwds on 01-24-2020 01:54 PM
First published on TECHNET on Mar 08, 2011 Hi there, this is Larry, Developer from US, and Fabian, PFE from Germany, wri...
51

Quick Check on ADCS Health Using Enterprise PKI Tool (PKIVIEW)

Amer_Kamal on 01-24-2020 01:52 PM
First published on TECHNET on Feb 28, 2011 PKIVIEW was first introduced in Windows Server 2003 Resource kit.
57

Verifying The SSL Certificate Expiration with a tool

MS2065 on 01-24-2020 01:50 PM
First published on TECHNET on Feb 21, 2011 An active member of our community developed a very handy tool to verify - or ...
Latest Comments
DanielMetzger
in Initially Isolate Tier 0 Assets with Group Policy to Start Administrative Tiering on 02-21-2020
Hi Wolfgang Thanks for pointing this out. I have corrected this in the article.
1 Likes
WoR0407
in Initially Isolate Tier 0 Assets with Group Policy to Start Administrative Tiering on 02-21-2020
Hi Daniel,if the setting for "T1-SystemsAccessibleTo-T0-System" results in "Deny access to this computer from the network" for the security groups "Tier0-Users" and "Tier0-Computers", Domain Controllers wouldn't have the exception they should get, would they?Kind RegardsWolfgang
0 Likes
Brandon McMillan
in Configuration Manager Current Branch Antivirus Exclusions on 02-20-2020
Hello @Anton_Elufimov! Thank you for your inquiry. As of today, I'm not aware of any authoritative sources for that recommendation. I suggest if your AV product may be causing issues with the content library to test out what may work best for your environment while keeping it operationally secure.
0 Likes
Alan La Pietra
in LDAP Channel Binding and LDAP Signing Requirements - March update NEW behaviour on 02-20-2020
@Thomas Garrity sorry but this is not quite true. As PFEs we cannot provide information that is not published to the public. Articles will be update as soon as possible. March update will NOT make any changes so there is no super urgency on this, probably by the end of the month they will be updated...
0 Likes
Thomas Garrity
in LDAP Channel Binding and LDAP Signing Requirements - March update NEW behaviour on 02-20-2020
I told a PFE about this early last week. They don't seem to care that they are continuing to misinform customers.
0 Likes