September 23, 2014
In the last Recent days I've handle with CSP issue in ADFS environment
When i got this error message at the end of the ADFS wizard:
The certificates with the CNG private key are not supported. Use a certificate based on a key pair generated by a legacy Cryptographic Service Provider
The problem occurred because of "next generation" template's CSP certificate.
Creating new template (2003) and pick for :
Microsoft DH SChannel Cryptographic Provider
Microsoft RSA SChannel Cryptographic Provider
As mentioned here:
Creating new certificate and import it to ADFS's local machine store.
Try running ADFS's Wizard again.
September 15, 2014
In the last recent days i've handle with permissions to certificate template issue,with this message error type:
The permissions on the certificate template do not allow the current user to enroll for this type of certificate.
You do not have permission to request this type of certificate
This issue caused by an incorrect Certificate Template permission .
Solution: grant Authenticated users Enroll permission:
1.Open MMC, click File menu, choose Add/Remove Snap-in, choose Certificate Templates, click OK.
2.Double-click the certificate template you used to request certificate, go forward to Security tab, selected Authenticated users, click Enroll option. Click OK.
3.Open CA console, stop CA service and...
September 11, 2014
To be able to add url or address , Separate multiple addresses with a semi-colon .
The following scenarios would causes internet connection problem in IE Exceptions:
1. Blank space
2. Missing data with . Or *
3. Addresses beginning with "
Client Registry get new data from GPO Server:
Displays on IE Proxy Settings:
September 10, 2014
This security update resolves one publicly disclosed and thirty-six privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
September 9, 2014
As You probably all know , certificates placed under MMC Current User/Local Machine Stores,
The physical registry of the certificates point to the Thumbprint certificate itself.
September 8, 2014
Recovering an Archived Private Key with the following steps:
1. The Certificate Manager should:
a. Identifies the certificate
b. Determines the KRAs
c. Extracts the PKCS #7 blob
2. The KRA:
a. Recover the private key
b. Securely transports the PKCS #12 file to the user
Imports the recovered private key
September 2, 2014
LDAP Bind function call failed 1006
The following error appears in the System event log:
Event ID: 1006
Description: The processing of Group Policy failed. Windows could not authenticate to the Active Directory service on a domain controller. (LDAP Bind function call failed). Look in the details tab for error code and description.
Task Category: None
The event source is GroupPolicy, the group policy client. The description tells the processing of group policies failed, because Windows could not authenticate to the Active Directory service server side ,a explanation from the fact the LDAP Bind function call has failed with...