Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Crypto   (RSS)
Thursday, September 17, 2009 7:36 AM

Cool new features in 2k8 R2 for Certificate Services

I really dont like posting about another post.. but its too cool not to in this case :) There are some really awesome new features for Cert Services in 2k8 R2.. check it out in the Certificate Enrollment Web Services Whitepaper Original post: http://blogs.technet.com/pki/archive/2009/09/15/certificate-enrollment-web-services-whitepaper.aspx
Posted by SpatDSG | 0 Comments
Filed under:
Wednesday, December 10, 2008 7:35 AM

Joining a domain via Smartcards

http://technet.microsoft.com/en-us/library/cc721959.aspx undefined A snip from the article: Smart card root certificate requirements for use when joining a domain When using a smart card to join a domain, the smart card certificate must comply with one
Posted by SpatDSG | 0 Comments
Filed under:
Monday, October 20, 2008 7:40 AM

Honey, I lost the (private) keys -- EFS keys missing?

Interesting EFS issue the other day.. Customer was rolling out EFS so they set up DRA's and this worked great. When they encrypted files the DRA's showed up just fine in the file information. However, when they went to decrypt a file via the assigned
Posted by SpatDSG | 0 Comments
Filed under:
Thursday, July 31, 2008 8:12 AM

Get Serial number, expiry date, subject name and subject alternative names in script

The question was something like this: ..."What I need to be able to do is iterate through each certificate in the Local Machine’s Personal store and spit out at least the serial number, expiry date, subject name and subject alternative names." Here is
Posted by SpatDSG | 2 Comments
Filed under:
Wednesday, April 02, 2008 12:45 PM

How to use Certificate Services Web enrollment pages together with Windows Vista or Windows Server 2008

Wheww!! we finally have the matrix for what works, what doesnt and how to fix it :) http://support.microsoft.com/kb/922706/en-us SUMMARY loadTOCNode(1, 'summary'); The Windows Server 2003 Certificate Services Web enrollment functionality relies on an
Posted by SpatDSG | 0 Comments
Filed under:
Monday, February 18, 2008 7:31 AM

EFS failures after upgrade to 2008

FYI .. ( havent had time to finish the kerb posts.. but here is an important FYI ) http://www.microsoft.com/downloads/details.aspx?FamilyID=fd786261-d278-40db-baf8-70f42d786223&displaylang=en Overview When a user encrypts a file stored on a Windows
Posted by SpatDSG | 0 Comments
Filed under:
Wednesday, August 08, 2007 7:20 AM

Putting CAPI2 logging to good use...

So there was a problem with a printer which you could connect to via SSL in order to print via IPP. You go in and configure the printer via a web page like so: Create New Self-Signed Certificate Create a new self-signed certificate. Warning: This operation
Posted by SpatDSG | 1 Comments
Filed under:
Tuesday, August 07, 2007 7:39 AM

Is there any debug logs or tracing logs can help us to monitor certificate importing or EFS decrypting?

This is a recent question I saw ... You can track detailed EFS events such as EFS decrypt\encrypt and EFS engine cert enrollment via the EFS debug logging in Vista. In addition – Vista has new DPAPI logging for auditing its usage ( DPAPI is what EFS uses
Posted by SpatDSG | 0 Comments
Filed under:
Thursday, July 19, 2007 7:42 AM

Notify users of cert expiration...

A recent mail thread was asking about querying for cert about to expire and notifying the users of this. You could do it a few ways.. Run some kind of svc\logon script etc.. on the clients - which tracked the stores and cert data. Query the CA DB directly
Posted by SpatDSG | 3 Comments
Filed under:
Tuesday, June 19, 2007 9:33 AM

Credential Roaming hotfix...

Just a slight detour from our debugging stuff for some new info on credential roaming\DIMS ... http://support.microsoft.com/?id=934797 The size of the Ntds.dit file on the domain controller grows continually larger after you enable the "Credential Roaming"
Posted by SpatDSG | 1 Comments
Filed under:
Thursday, June 07, 2007 7:10 AM

EFS and Vista... and XP

I just wanted to make sure folks realized that Vista and XP EFS files aren't exactly compatible... Here was a snip from a recent question: " I’m asking this question on behalf of another colleague. He’s having problems accessing encrypted files on a removable
Posted by SpatDSG | 6 Comments
Filed under:
Monday, May 14, 2007 7:31 AM

New Security code samples...

Dan, over at JWSecure has written a bunch of new samples for some difficult to use API's ( previously he also wrote some cred prov samples ) The new batch includes a CNG plugin to implement a new cipher algorithm in Vista - cool stuff. I especially liked
Posted by SpatDSG | 0 Comments
Filed under:
Wednesday, May 09, 2007 7:15 AM

Smartcard logon over Terminal Services ( RDP redirection ) pII ( vista FYI )

It seems I do spend a fair bit of time with smartcards lately, but I have some other interesting posts planned as well. Anyway, this is kind of a heads up to an interesting issue with Vista. We changed some of the way things work ( for the better ) in
Posted by SpatDSG | 4 Comments
Filed under:
Monday, April 30, 2007 3:47 PM

LH Beta 3 OCSP doc..

This white paper describes the concepts behind and steps needed to install, configure, and troubleshoot the Microsoft Online Responder, a role service that is used to implement online certificate status protocol (OCSP) revocation checking in Active Directory
Posted by SpatDSG | 0 Comments
Filed under:
Tuesday, April 24, 2007 2:26 PM

Support WebCast: Credential Roaming Basics

If you want to know more about DIMS ( credential roaming ) this may be interesting to you. Webcast on April 26th - see http://support.microsoft.com/kb/935441 spatdsg
Posted by SpatDSG | 0 Comments
Filed under:
More Posts Next page »
 
Page view tracker