Category Archive: Microsoft

Jun 27 2018

How to Publish the CRL and AIA on a Separate Web Server

I have been talking about Enterprise PKI and how to build a multi-tier PKI¬†infrastructure, but never talked in depth about the Authority Information Access (AIA) and Certificate Revocation List Distribution Point (CDP) extensions. In this article I want to extend the discussion about this certificates extensions since they are very important to understand and how …

Continue reading »

Nov 28 2017

Configure Certification Authority Distinguished Name

When building either an Enterprise Certification Authority or a Standalone Certification Authority we have to provide some information during the configuration wizard. In this article, a short one I must say, and a completion of the two mentioned above,

Continue reading »

Nov 13 2017

Configure DC to synchronize time with external NTP server

As you probably know, in a domain environment there is a domain controller that is special compared to the others. This domain controller, besides other functions also keeps the time in sync in the entire domain/forest; meaning all the workstations, servers, and the rest of the

Continue reading »

Oct 27 2017

Upgrading 2012 R2 Cluster to 2016 using Cluster OS Rolling Upgrade

Server 2016 is out for a while now, so I thought it will be a good time to write about one of the new features that Microsoft implemented in their latest server operating system for which I was really hopping for. They called it Cluster OS Rolling Upgrade.

Continue reading »

Oct 03 2017

Migrating from FRS to DFSR

You’ve migrated your domain to the latest version, but did you really? I’m asking this question because I’ve seen a lot of Active Directory environments migrated but not at 100%. Before making my point here, let me start with a little refresher for those that forgot about SYSVOL.

Continue reading »

May 09 2017

VMware vSphere 6: Configure VMCA as a Subordinate CA

I must say that VMware has done a great job with the vCenter server appliance. Not only is easy and fast to deploy but it also gives us the ability to change its certificate using a nice menu screen that they called it vSphere 6.0 Certificate Manager. As you know, changing certificates

Continue reading »

Feb 13 2017

Building a three-tire Windows Certification Authority Hierarchy

Security is very important all over the internet but it’s also important in an organization, and it gets easier or harder to implement it depending on the size of the organization. Now I know, and you know, that there are many ways and many types of security implementations,

Continue reading »

Oct 28 2016

Configuring certificates in 2012/R2 Remote Desktop Services (RDS)

Nowadays, IT security it’s a serious deal, and Remote Desktop Services is no exception especially if there are external clients connecting to the infrastructure. In order to make it easier for those clients to connect, we as administrators have to configure these services as smooth and transparent as possible, and to secure them, we will …

Continue reading »

Oct 17 2016

Creating a 3-Leg Perimeter Network (DMZ) with TMG 2010

You’ve been thinking on moving some internal services more closely to the internet to provide a better experience for your users, and you’ve heard that by creating a Demilitarized Zone (DMZ) will help you accomplish that, with security in place. Creating forests and domains that will be exposed to the internet might be another reason …

Continue reading »

Sep 27 2016

Creating Active Directory Forest Trusts

Most companies nowadays have, or they prepare having multiple Active Directory forests in their environment, and as you know, forests are a completely different entity compared to an additional domain or tree. One forest does not trust another one, and can’t share information with another forest, unless a trust is created between the two. Usually …

Continue reading »

Older posts «

css.php