Security Solutions
 | KDC Event ID 16 or 27 is logged if DES for Kerberos is disabled |
In Windows 7 and in Windows Server 2008 R2, the Data Encryption Standard (DES) encryption types for Kerberos are disabled by default. This article will help you determine if you need DES encryption in your environment and, if so, how to enable it. | |
| Events 1925, 1006, 1645, 1055, 40961 on a Windows Server 2008-based domain controller or error message: "No authority could be contacted for authentication" when you use Remote Desktop Connection |
| "Recovery policy configured for this system contains invalid recovery certificate" or "ERROR_BAD_RECOVERY_POLICY" error when encrypting a file |
The Encrypting File System (EFS) recovery policy that is implemented on this computer contains one or more EFS recovery agent certificates that have expired. This TechNet troubleshooting article describes the issue and solution. | |
| Best Practices for Certificate Authority (CA) and Public Key Infrastructure PKI implementation |
This document provides guidance for the planning and implementation of a Microsoft Windows Server 2008 and Windows Server 2008 R2 public key infrastructure (PKI) using Suite B compliant cryptographic algorithms. | |
| Unable to logon with Event ID 11, duplicate Service Principal Name registered for client |
| How to Request a Certificate with a Custom Subject Alternative Name |
This guide describes security best practices for allowing custom SANs in certificates and provides procedures that can be used to request a certificate with a SAN. | |
| How to configure Security Auditing |
This step-by-step guide demonstrates the process of setting up an advanced Windows 7 and Windows Server 2008 R2 security auditing policy infrastructure. | |
| Expired Certficate Revocation List (CRL) causes certificate failure during SmartCard logon |
You receive a "Logon failure" message when you use a smart card on a Windows Server-based computer. | |
| How to use LDAP over SSL (LDAPS) |
By default, LDAP communications between client and server applications are not encrypted. If your organizational security policies specify that LDAP communications between client and server computers should be encrypted., this blog post provides the steps to enable LDAP over SSL. | |
| Certificate enrollment fails with error "No template could be found. There are no CAs from which you have permission to request a certificate, or an error occurred while accessing the Active Directory" |
| How To Configure Bitlocker backup in Active Directory |
This document describes how to configure Active Directory® to back up recovery information for Windows® BitLocker™ Drive Encryption (BitLocker) and the Trusted Platform Module (TPM). |
