security
15 TopicsGetting Prompted for Username and Password on Internal Web Site, HTTP Error 401.2 - Unauthorized.
I have an internal web site that uses Windows Authentication. This works perfectly on my Microsoft Windows Server 2022 Datacenter Azure Edition which is my developer server. When I tried to put this site out on our test Microsoft Windows Server 2022 Datacenter Azure Edition, with the exact same setup, I get prompted for my Username and Password. It does not matter what I have tried to enter for Username and Password, nothing is ever accepted and it I hit cancel, I get the dreaded HTTP Error 401.2 - Unauthorized. I don't understand why this would work on 1 server, but not the other server. HTTP Error 401.2 - Unauthorized You are not authorized to view this page due to invalid authentication headers.129Views0likes0CommentsI'm curious, is the MS Disk Manager a descendant of Kroll-Ontrack's 1985 Disk Manager®?
I've been doing some research on Kroll's dive into the software industry that led them into data recovery and formation of Ontrack Data Recovery in 1987? Does anyone here know if there was any connection to Microsoft and the MS Disk Manager? I can't post this. I keep getting message to correct highlighted errors, but no such errors exist, and nothing is highlighted. Now I'm getting post flooding error message:?? Post flooding detected (user tried to post more than 2 messages within 300 seconds) Aw, hell with this.515Views0likes1CommentIntegrate with SharePoint online API through console application which hosted on onprem windows VM
I have the below console application which is hosted on a local windows VM, which integrates with SharePoint Online. the console application authenticates with SharePoint using ClientId, TenantID & Certificate, as follow:- using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging; using PnP.Core.Auth; using PnP.Core.Model.SharePoint; using PnP.Core.Model.Teams; using PnP.Core.QueryModel; using PnP.Core.Services; using PnP.Core.Services.Builder.Configuration; using System; using System.Collections; using System.Collections.Generic; using System.Globalization; using System.Runtime.CompilerServices; using System.Security.Cryptography.X509Certificates; using static Microsoft.ApplicationInsights.MetricDimensionNames.TelemetryContext; using static System.Net.Mime.MediaTypeNames; namespace ConsoleApp4 { internal class Program { static async Task Main(string[] args) { var tenantId = "b***c"; var clientId = "7*****9"; var certificatePath = @"c:\CERT\SPDashBoardIntegration.pfx"; var certificatePassword = "***"; // Initialize a new service collection var serviceCollection = new ServiceCollection(); // Load the certificate var certificate = new X509Certificate2(certificatePath, certificatePassword, X509KeyStorageFlags.Exportable); // Configure logging serviceCollection.AddLogging(builder => { builder.AddConsole(); }); // Add and configure PnP Core SDK serviceCollection.AddPnPCore(options => { options.PnPContext.GraphFirst = true; // Set true if you prefer to use Graph over CSOM when possible // options.HttpRequests.UserAgent = "ISV|Contoso|ProductX"; options.Sites.Add("SiteToWorkWith", new PnPCoreSiteOptions { SiteUrl = "https://********.sharepoint.com/sites/********-******", AuthenticationProvider = new X509CertificateAuthenticationProvider(clientId, tenantId, certificate) }); }); Now my question is if this is a secure approach? I mean when the VM sends the ClientID, Client Secret & Certificate to SharePoint Online, will that info be secure on the network? i mean will the console application communicate with SharePoint in a secure way when it sends the credentials (ClientID, Client Secret & Certificate)? If not, then how we can secure this? Thanks299Views0likes0CommentsLeveraging Tower Servers with Windows Server for Developers
Hello Microsoft Tech Community, I hope everyone is having a productive and innovative journey with Windows Server. Today, I'd like to initiate a discussion focused on "Windows Server for Developers" with a particular emphasis on tower server configurations. Tower servers can be a powerful tool for developers, and I believe that the collective knowledge of this community can provide valuable insights. Discussion Overview: Developers often rely on Windows Server for various tasks, ranging from software development to testing and deployment. When it comes to tower server configurations, there are specific considerations and opportunities that can benefit developers. Here are some key points for our discussion: Development Environments: How can tower servers be optimized to create robust development environments for Windows Server-based applications? Share your tips and best practices. Testing and Debugging: Tower servers offer flexibility and scalability for testing and debugging applications. What features of Windows Server do you find most useful in this context? Deployment Strategies: Tower servers (lenovo.com/ch/de/c/servers-storage/servers/towers/) can be used for local or remote deployment of applications. What deployment strategies or tools have you found effective with Windows Server? Resource Allocation: Tower servers come in various hardware configurations. How can developers efficiently allocate resources like CPU, RAM, and storage for their development needs? Request for Insights: I'm initiating this discussion to learn from the diverse experiences of the Microsoft Tech Community. Whether you're a developer, system administrator, or someone passionate about technology, your insights and knowledge are invaluable. Please share your thoughts, experiences, questions, or recommendations related to using Windows Server on tower servers for development purposes. Let's explore how developers can harness the full potential of tower servers in their Windows Server workflows. Thank you in advance for your contributions to this discussion. Best regards, Abhraham denis650Views0likes0CommentsDomain connectivity issues
Hello , I have a User who is attempting to log in into Windows,the User account is Active in Active directory (AD) ,He Has successfully logged into the VPN, but He encountered an error Message indicating He is not connected to the available Domain and need to connect to their organization tobe added to the domain. Could anyone offer assistance with this issue ? Thank youenable secure boot, the system cann't start up
Hi all: After enable secure boot, the windows system cann't start up which is install on dapustor nvme ssd . and have this error: " Unable to load the firmware from PCIe SSD in Slot 6 in Bay 1 because of the Secure Boot policy. Log Sequence Number:668 Detailed Description: When the Secure Boot feature is enabled, the system BIOS authenticates each UEFI driver against the Secure Boot policy. If a UEFI driver does not meet the policy criteria, the system BIOS does not load or execute the UEFI driver and displays this message at the end of POST. The Secure Boot policy consists of authorized and unauthorized X.509 certificates; signed drivers must chain to an authorized certificate. The policy may also authorize hash values of individual UEFI driver images. Users can configure the Secure Boot feature and the Secure Boot policy in F2 System Setup > System BIOS > Security Settings page. Recommended Action: If the Secure Boot feature is not desired, disable it in System Setup > System BIOS > Security Settings page. Otherwise, do the following: 1) Make sure the firmware on the failing device is up-to-date. 2) If subsequent failures occur, review the Secure Boot Policy Summary in System Setup > System BIOS > Security Settings page. The device firmware must be authorized by a public key or hash value in the Authorized Signature Database. The public key or hash value must not be present in the Forbidden Signature Database. " How can I make dapustor nvme ssd disks support secure boot ? Looking forward to hearing from you! Thanks, Regards springee1.1KViews0likes0CommentsAdd Template Support for Custom Policy Module for Enterprise CA
Hi all, I hope, I'm in the right community hub here. We are developing a custom policy module which should do nothing else than change adapt some values given by the CSR for a set of given templates. Despite we did quite an amount of research we weren't able to find more than the Microsoft Documentation and the sample (also provided by MS) here: https://github.com/microsoft/Windows-classic-samples/tree/main/Samples/Win7Samples/security/certificateservices/policy/c%2B%2B/WindowsServer2008R2 So, the required functionality can easily be implemented, BUT This sample has no security enabled and does not respect the settings given by the template. E.g. if the template says that a certificate should be valid for 1 year the CA still issues certificates that are valid for 2 years. Is there somewhere any source code available which is suitable for an Enterprise CA that we could take as a base or any other hint where to look for apart from the usual MS Docu which is not very extensive in that respect? Any hints or help would be greatly appreciated.890Views0likes0CommentsIs there a way to set different TLS cipher suites as server and as client separately?
Hi, I have an ASP .Net app hosted on IIS, Windows Server. The app needs to call external web APIs. For the app, I would like to set only a few secure TLS cipher suites as a server, but the app needs to use other (not so secure) cipher suites as a client for the external APIs. TLS Cipher Suite Order configuration works for both of server and client. Is there a way to set different TLS cipher suites as server and as client separately?712Views0likes0Comments