Tag Archive: Security

Apr 12 2019

Blocking Remote Access for Local Accounts by Group Policy

It is all about security now, and no matter how restrictive we configure our firewall rules and filters, we still got the internal users. They are the ones that click in the wrong places and install the wrong software, and when the wrong stuff get’s into our network, it can do a lot of damage.

Continue reading »

Nov 28 2017

Configure Certification Authority Distinguished Name

When building either an Enterprise Certification Authority or a Standalone Certification Authority we have to provide some information during the configuration wizard. In this article, a short one I must say, and a completion of the two mentioned above,

Continue reading »

May 09 2017

VMware vSphere 6: Configure VMCA as a Subordinate CA

I must say that VMware has done a great job with the vCenter server appliance. Not only is easy and fast to deploy but it also gives us the ability to change its certificate using a nice menu screen that they called it vSphere 6.0 Certificate Manager. As you know, changing certificates

Continue reading »

Oct 28 2016

Configuring certificates in 2012/R2 Remote Desktop Services (RDS)

Nowadays, IT security it’s a serious deal, and Remote Desktop Services is no exception especially if there are external clients connecting to the infrastructure. In order to make it easier for those clients to connect, we as administrators have to configure these services as smooth and transparent as possible, and to secure them, we will …

Continue reading »

Oct 17 2016

Creating a 3-Leg Perimeter Network (DMZ) with TMG 2010

You’ve been thinking on moving some internal services more closely to the internet to provide a better experience for your users, and you’ve heard that by creating a Demilitarized Zone (DMZ) will help you accomplish that, with security in place. Creating forests and domains that will be exposed to the internet might be another reason …

Continue reading »

Sep 25 2014

Creating Standalone and Enterprise (EMS) TMG 2010 Arrays – Domain Environment –

OK, so you have your Microsoft Forefront Threat Management Gateway 2010 (TMG) protecting your services in the infrastructure, and is doing a pretty good job too. I agree with you, but this TMG server of yours can fail, and if it fails all those services will either get unprotected or users can’t access them anymore. …

Continue reading »

Sep 17 2014

Configuring Hyper-V Replica using Certificate-Based Authentication (HTTPS)

You know that starting with Windows Server 2012 Hyper-V has a new feature that replicates VMs from one host to another for a disaster recovery scenario! I talked about it in this article; but configuring replication that way over non-trusted networks

Continue reading »

Aug 06 2014

Set Up Automatic Certificate Enrollment (Autoenroll)

Managing certificates usually does not need to much intervention. Issuing and enrolling for certificates, again is a piece-of-cake… in a small environment. But if you are running more than let’s say 50 workstations and servers enrolling for certificates is a week job, if not more.

Continue reading »

Jul 25 2014

Changing the Directory Services Restore Mode (DSRM) Admin Password

We all know how important passwords are especially those for domain administrators accounts, because those accounts have rights to log in to domain controllers. If the password of one of those accounts is compromised, access to your domain controllers is granted. You know what could happen next.

Continue reading »

Oct 27 2013

Installing and configuring a Microsoft Online Certificate Status Protocol (OCSP) Responder

Starting with Windows 2008 Microsoft has an Online Certification Status Protocol (OCSP) Responder feature. Many of you wonder what this is, and I’m going to explain this the best I can. Until OCSP came out, those companies that have their own Certification Authority had to publish to a web server or a LDAP path the …

Continue reading »

Older posts «

css.php