Tag Archive: Security

May 09 2017

VMware vSphere 6: Configure VMCA as a Subordinate CA

I must say that VMware has done a great job with the vCenter server appliance. Not only is easy and fast to deploy but it also gives us the ability to change its certificate using a nice menu screen that they called it vSphere 6.0 Certificate Manager. As you know, changing certificates

Continue reading »

Oct 28 2016

Configuring certificates in 2012/R2 Remote Desktop Services (RDS)

Nowadays, IT security it’s a serious deal, and Remote Desktop Services is no exception especially if there are external clients connecting to the infrastructure. In order to make it easier for those clients to connect, we as administrators have to configure these services as smooth and transparent as possible, and to secure them, we will …

Continue reading »

Oct 17 2016

Creating a 3-Leg Perimeter Network (DMZ) with TMG 2010

You’ve been thinking on moving some internal services more closely to the internet to provide a better experience for your users, and you’ve heard that by creating a Demilitarized Zone (DMZ) will help you accomplish that, with security in place. Creating forests and domains that will be exposed to the internet might be another reason …

Continue reading »

Sep 25 2014

Creating Standalone and Enterprise (EMS) TMG 2010 Arrays – Domain Environment –

OK, so you have your Microsoft Forefront Threat Management Gateway 2010 (TMG) protecting your services in the infrastructure, and is doing a pretty good job too. I agree with you, but this TMG server of yours can fail, and if it fails all those services will either get unprotected or users can’t access them anymore. …

Continue reading »

Sep 17 2014

Configuring Hyper-V Replica using Certificate-Based Authentication (HTTPS)

You know that starting with Windows Server 2012 Hyper-V has a new feature that replicates VMs from one host to another for a disaster recovery scenario! I talked about it in this article; but configuring replication that way over non-trusted networks

Continue reading »

Aug 06 2014

Set Up Automatic Certificate Enrollment (Autoenroll)

Managing certificates usually does not need to much intervention. Issuing and enrolling for certificates, again is a piece-of-cake… in a small environment. But if you are running more than let’s say 50 workstations and servers enrolling for certificates is a week job, if not more.

Continue reading »

Jul 25 2014

Changing the Directory Services Restore Mode (DSRM) Admin Password

We all know how important passwords are especially those for domain administrators accounts, because those accounts have rights to log in to domain controllers. If the password of one of those accounts is compromised, access to your domain controllers is granted. You know what could happen next.

Continue reading »

Oct 27 2013

Installing and configuring a Microsoft Online Certificate Status Protocol (OCSP) Responder

Starting with Windows 2008 Microsoft has an Online Certification Status Protocol (OCSP) Responder feature. Many of you wonder what this is, and I’m going to explain this the best I can. Until OCSP came out, those companies that have their own Certification Authority had to publish to a web server or a LDAP path the …

Continue reading »

May 29 2013

Restrict users from login to Remote Desktop Web Access

If you are working with Remote Desktop Services, and especially with Remote Desktop Web Access, you might know by now that every domain user can log in to that interface, even if that user has no application published. Most of the administrators don’t even care about this, because if the user can’t see an application …

Continue reading »

Apr 14 2013

Deploying and Configuring an Read-Only Domain Controller (RODC)

I know most of you have to maintain branch offices, and they are not easy and especially not secure. Domain controllers in those locations can be easily stolen or compromise, leaving your users and your network vulnerable to attacks. Microsoft thought about this, and starting with Windows Server 2008 they implemented a feature in the …

Continue reading »

Older posts «

css.php