CLM on x64 host

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
 - 1
 - Certificate Services The format of the speicified domain is invali I am receiving a faile request when trying to generate a user certificate from our web server. I am able to get certificates without of a problem from our domain controller. However I just recently setup and outside certificate request on our windows 2000 server in the dmz. I pointed the site when installing the certificate web services at our or 2003 DC and everything seemed to go fine. However when I go through and request a certificate it is failing with the error "The format of the specified domain is invalid" Tag: CLM on x64 host Tag: 98702
 - 2
 - Microsoft Folder with large number (486,692) of files While looking into system perfomance, i found a folder with 400,000+ 384 byte files, each with a guid as filename. there is one other file alongside folder s-1-5-19 called CREDHIST the folder is c:\documents and settings\localservice\application data\microsoft\protect\s-1-5-19\ it shows as size 163MB, on disk 1.77GB creation date april 2008 it causes problems with search and virus scan although a dos scan reports it and its contents to be clean. (mcafee) i alkso have windows defender installed and it does not report any problems. the folder i found originally was c:\documents and settings\localservice\application data\microsoft\media centre\protect\s-1-5-19\ but i deleted that to see what would happen and the first named folder appeared in its place. i am concerned that this is a trojan of some sort. however, it is possible that it is a genuine microsoft system folder since s-1-5-19 is a localservice id. can anyone shed some light please? Tag: CLM on x64 host Tag: 98700
 - 3
 - JS file content found on my PC Hi - I'm still experimenting with this machine. I found a temp file which contains the information listed below. Has anyone any idea what effect such a file will have on this PC? (XP Home, SP3 and all updates). Thank you in advance for any insight you may be able to provide. Dave /* * ====================== dir.js ======================== * ====== Javascript include for director.hta =========== * ====================================================== */ // initialize global variables var debug = new Boolean; // loaded from persist. var hintsOpen = new Boolean; // loaded from persist. var hintsWidth = 175; var totalWidth = 0; var currentDevice; var windowHeight = 190; // set for current container app. HTA: 190, HTM/IE: 300 var minWindowWidth = 220; // w/o width of <select> and 'settings' var widthAdjust = -27; /// set for current container app. HTA: 190, HTM/IE: -3 var updateInProgress = new Boolean; //Added by Brent var doubleClicked = false; var currentButton; window.onload=initialize function initialize() { updateInProgress = false; debug = false; initializeDevices(); loadPersist(); setCurrentDevice(); updateLayout(); } function setCurrentDevice() { // was app started with a context id var ctxID = window.external.ContextID; if (ctxID == "") return; for (var i = 0; i < oDevice.length; i++) { if (oDevice[i].devID == ctxID) { currentDevice = i; break; } } } function changeDevice(device) { currentDevice=device; updateLayout(); savePersist(); } function expandHints() { if (updateInProgress) return; updateInProgress = true; hintsOpen = !hintsOpen; updateLayout(); savePersist(); } function toggleDebug() { // debug = !debug // updateLayout() } function initializeDevices() { // populate oDevice data structure from Devices.xml oDevice = new Array; var xml = new ActiveXObject("msxml"); //Get file path for devices.xml in User's App Data directory //Start with 'file:///' var devFilePath = new String("file:\/\/\/"); //Get the path for the file from call to COM code devFilePath += window.external.GetAppDataPath(); //Replace all '\\' occurrences with '/' devFilePath = devFilePath.replace(/\\/g,"\/"); //Replace spaces with '%20' devFilePath = devFilePath.replace(/\s/g,"%20"); //Add the name of the file devFilePath += "devices.xml" xml.URL = devFilePath; devicesXML = xml.root.children; for ( var i=0; i<devicesXML.length; i++ ) { // could eliminate this intermediate data structure oDevice[i] = new Object; oDevice[i].devID = devicesXML.item(i).children.item(0).text; oDevice[i].id = devicesXML.item(i).children.item(1).text; oDevice[i].service = new Array; services = devicesXML.item(i).children.item(2).children for ( var j=0; j<services.length; j++ ) { oDevice[i].service[j] = new Object; oDevice[i].service[j].serviceID = services.item(j).children.item(0).text; oDevice[i].service[j].action = services.item(j).children.item(1).text oDevice[i].service[j].status = services.item(j).children.item(2).text } if ((devicesXML.item(i).children.length > 3) && (devicesXML.item(i).children.item(3).tagname == "STATUS")) oDevice[i].statusmon = devicesXML.item(i).children.item(3).children.item(0).text; else oDevice[i].statusmon = null; } if ( debug ) { alert( "found "+ devicesXML.length +" devices")} } function externalGetData(name) { return window.external.GetPersistentData(name); } function loadPersist() { // replace with Persistence code hintsOpen = true; debug = false; currentDevice = 0; //var persistHints = window.external.GetPersistentData("hintsOpen"); var persistHints = externalGetData("hintsOpen"); if (persistHints != "") { hintsOpen = eval(unescape(persistHints)); } //var persistDevice = window.external.GetPersistentData("currentDevice"); var persistDevice = externalGetData("currentDevice"); if (persistDevice != "") { var devID = unescape(persistDevice); for (var j = 0; j < oDevice.length; j++) { if (oDevice[j].devID == devID) { currentDevice = j; break; } } } window.resizeTo(663,windowHeight) // } function externalSaveData(name, value) { window.external.SavePersistentData(name, value); } function savePersist() { externalSaveData("hintsOpen", escape(hintsOpen)); externalSaveData("currentDevice", escape(oDevice[currentDevice].devID)); } function updateLayout() { // debug stuff =================================== if ( debug ) { oAllButtons.style.border = "1px solid black" oIconBackground.style.border = "1px solid cyan" oHintsTitle.style.border = "1px dashed black" oHintsText.style.border = "1px dotted black" oIconBackground.style.backgroundColor = "yellow" oHintBackground.style.backgroundColor = "red" oAllButtons.style.visibility = "visible" // debug stuff =================================== } else { oAllButtons.style.visibility = "hidden" } // update Select oSelect.options.length = 0; for ( var i=0; i< devicesXML.length; i++ ) { var oOption = document.createElement("OPTION"); oOption.text=oDevice[i].id; oSelect.options.add(oOption); } // select the current device in the drop down combo box oSelect.selectedIndex = currentDevice // assign the access key to 'Select Device' var selectText = tdcStrings.recordset("dir-label-select").value; var selectAccKeyIndex = selectText.toLowerCase().indexOf(""); if (selectAccKeyIndex >= 0) { oSelect.accessKey = selectText.substr(selectAccKeyIndex + 3, 1); } // assign the access key to 'Settings' menu item var settingsText = tdcStrings.recordset("settings-title").value; var settingsAccKeyIndex = settingsText.toLowerCase().indexOf(""); if (settingsAccKeyIndex >= 0) { settingstitle.accessKey = settingsText.substr(settingsAccKeyIndex + 3, 1); } // assign the access key to 'Status' menu item var statusText = tdcStrings.recordset("status-title").value; var statusAccKeyIndex = statusText.toLowerCase().indexOf(""); if (statusAccKeyIndex >= 0) { statustitle.accessKey = statusText.substr(statusAccKeyIndex + 3, 1); } // empty old buttons oAllButtons.innerHTML=""; // add new button - hidden for ( var j=0; j<oDevice[currentDevice].service.length; j++ ) { button = oDevice[currentDevice].service[j].serviceID var buttonText = tdcStrings.recordset("dir-btn-"+button).value; var accKey = null; var accKeyIndex = buttonText.toLowerCase().indexOf(""); if (accKeyIndex >= 0) { accKey = buttonText.substr(accKeyIndex + 3, 1); } html="" html+="<span id='oBtn" + button + "' " html+="class = 'service-button' onMouseOver='showHint(this.id)' "; //Updated by Brent html+="onClick = 'fnSingleClick(\" " +button+ " \");' " html+="onDblClick = 'fnDoubleClick(\" " +button+ " \");'> " html+="<img id='oImg" + button + "' " html+="style = 'margin-right:0' " if ( oDevice[currentDevice].service[j].status=="ready" ) { html+="class = 'rollover' src='img/" + button + ".bmp'>" } else { html+="src='img/" + button + "_f4.bmp'>" } html+="<a class='service-button' href=\"#\" accesskey=" + accKey + " style='text-decoration:none'> "; html+="<label for=\"oImg"+button+"\" datasrc = '#tdcStrings' datafld = 'dir-btn-" + button + "' " html+="dataFormatAs = 'HTML'></label></a>" oAllButtons.insertAdjacentHTML("beforeEnd", html) } window.setTimeout("finishLayout()" , 500); } //Single and Double click handlers added by Brent function fnSingleClick(button) { //Take a little time first currentButton = button; timer = setTimeout("if (doubleClicked == false){runApp(currentButton);}doubleClicked = false;",500); } function fnDoubleClick(button) { doubleClicked = true; currentButton = button; runApp(currentButton); } function finishLayout() { // evaluate button kerning pairs var kernWidth=0 var maxWidth=0; var widths = " widths: " for ( var i=0; i<oDevice[currentDevice].service.length - 1; i++ ) { button = oDevice[currentDevice].service[i].serviceID nextButton = oDevice[currentDevice].service[i+1].serviceID kernWidth = Math.max(kernWidth, 0.5 * (eval("oBtn" + button + ".offsetWidth") + eval("oBtn" + nextButton + ".offsetWidth"))) widths += " " + eval("oBtn" + button + ".offsetWidth") } if (debug) status = "kern:" + kernWidth + widths; // kern each button (except last) & calculate total space needed to avoid wrap totalWidth = 0; for ( var i=0; i<oDevice[currentDevice].service.length - 1; i++ ) { button = oDevice[currentDevice].service[i].serviceID thisWidth = eval("oBtn" + button + ".offsetWidth") nextButton = oDevice[currentDevice].service[i+1].serviceID nextWidth = eval("oBtn" + nextButton + ".offsetWidth") current = 0.5 * (thisWidth + nextWidth) thisButton = eval("oBtn" + button) thisKern = kernWidth - current thisButton.style.marginRight = thisKern totalWidth += thisWidth + thisKern + nextWidth * (i==oDevice[currentDevice].service.length -2) } settingstitle.style.width = settingstitle.offsetWidth; statustitle.style.width = statustitle.offsetWidth; // prepare to resize window widthBySettings = minWindowWidth + settingstitle.offsetWidth + oSelect.offsetWidth + statustitle.offsetWidth; widthByButtons = totalWidth + 95; widthBump = Math.max(0, widthBySettings - widthByButtons); windowWidth = Math.max(widthBySettings, widthByButtons); windowWidth = hintsOpen ? windowWidth + hintsWidth : windowWidth; // resize window.resizeTo(windowWidth + widthAdjust, windowHeight); // position elements rightSideButtons = oBtnhelp.offsetLeft + oBtnhelp.offsetWidth + 20; oIconBackground.style.width = rightSideButtons + widthBump + 10; oMenuMask.style.left = oSelect.offsetWidth + 60; // position drop-down menu if (document.all.menu1) document.all.menu1.style.left = oMenuMask.style.left; else oMenuMask.style.visibility = "hidden"; if (oDevice[currentDevice].statusmon) { oMenuStatusMask.style.left = oSelect.offsetWidth + settingstitle.offsetWidth + 80; oMenuStatusMask.style.visibility = "visible"; } else oMenuStatusMask.style.visibility = "hidden"; rightSideAnchor = rightSideButtons + widthBump + 10 // hints-specific if ( hintsOpen ) { oFilletTR.className="fillet-small-xlight-tr" oFilletBR.className="fillet-small-xlight-br" rightSideAnchor += hintsWidth; oHintBackground.style.width = rightSideButtons + widthBump + hintsWidth + 10 oBtnHints.style.visibility = "hidden" oBtnHintsOut.style.visibility = "visible" oHintsTitle.style.left = rightSideButtons + widthBump + 25; oHintsText.style.left = rightSideButtons + widthBump + 25; oHintBackground.style.display = "" oHintsTitle.style.display = "" oHintsText.style.display = "" } else { oFilletTR.className="fillet-small-gray-tr" oFilletBR.className="fillet-small-gray-br" oBtnHintsOut.style.visibility = "hidden" oBtnHints.style.visibility = "visible" oHintBackground.style.display = "none" oHintsTitle.style.display = "none" oHintsText.style.display = "none" oBtnHints.style.left = rightSideAnchor + 15; } // oBtnHints.style.left = rightSideAnchor + 15; oBtnHintsOut.style.left = rightSideAnchor + 15; oFilletTR.style.left = rightSideAnchor; oFilletBR.style.left = rightSideAnchor; oHPLogo.style.left = rightSideAnchor - 40; // spread out buttons if ( widthBump>0 ) { for ( var i=0; i<oDevice[currentDevice].service.length ; i++ ) { button = oDevice[currentDevice].service[i].serviceID thisButton = eval("oBtn" + button) thisButton.style.marginLeft = 0.5 * widthBump/oDevice[currentDevice].service.length thisButton.style.marginRight = 0.5 * widthBump/oDevice[currentDevice].service.length } } oAll.style.visibility = "visible"; oAllButtons.style.visibility = "visible"; // hide the drop-down list box and menu if no devices are installed if ((oDevice.length == 1) && (oDevice[0].devID == "unknown")) { oSelectLabel.style.visibility = "hidden"; oSelect.style.visibility = "hidden"; oMenuMask.style.visibility = "hidden"; } updateMenus(); updateInProgress = false; } function showHint(buttonID) { service = buttonID.substring(4); oHintsTitleLabel.dataFld="dir-hint-" + service.toLowerCase() + "-title"; oHintsLabel.dataFld="dir-hint-" + service.toLowerCase(); } function runApp(buttonID){ //alert("run: "+buttonID + " for device:" + currentDevice) //var shell = new ActiveXObject("WScript.Shell"); //shell.run(app,1,false); btnID = buttonID.substring(1, buttonID.length - 1); for (var i = 0; i < oDevice[currentDevice].service.length; i++) { if (btnID== oDevice[currentDevice].service[i].serviceID) { window.external.RunApp(btnID, oDevice[currentDevice].service[i].action, oDevice[currentDevice].devID); break; } } } // Present Settings menu based on currentDevice function processMenu() { var menuStr = "show-menu=dev"+currentDevice+"-settings"; ShM=1; popi(menuStr, 'menu1', 0); window.event.cancelBubble = true; } function processStatusBtn() { window.external.RunApp("status", oDevice[currentDevice].statusmon, oDevice[currentDevice].devID); } function processKeyDown() { //if ((window.event.altKey) && (window.event.keyCode >= 48)) //{ // alert("got key down: code="+window.event.keyCode); //} //else if (window.event.keyCode == 13) //{ // alert("got key down: code=<ENTER>"); //} //else // alert("processKeydown"); } function updateMenus() { var maxMenuWidth = 0; var menuNum = 1; while(eval("window.menu"+menuNum)) { maxMenuWidth = 0; var dirMenu=eval("menu"+menuNum); var menuName = dirMenu[0]; var menuStructIdx = getMenuStructIndex(dirMenu[0]); if (menuStructIdx >= 0) { for (var i = 0; i < menuStruct[menuStructIdx].entry.length; i++) { var entryName = menuStruct[menuStructIdx].entry[i].name; var elem = eval("document.all('"+entryName+"')"); maxMenuWidth = Math.max(maxMenuWidth, elem.offsetWidth); } if (maxMenuWidth > 0) { var ancestorElem = eval("document.all('menu"+menuNum+"')"); // add extra pixels for the border and submenu image (arrow bitmap) maxMenuWidth += (dirMenu[4] * 2) + 8; //if (maxMenuWidth > document.all('menu1').offsetLeft) // maxMenuWidth = document.all('menu1').offsetLeft; ancestorElem.style.width = maxMenuWidth+"px"; for (var j = 0; j < ancestorElem.children.length; j++) { var childElem = ancestorElem.children[j]; if ((childElem.children.length > 0) && (childElem.children[0].style.width)) childElem.children[0].style.width = maxMenuWidth+"px"; } } } menuNum++; } sis(); } Tag: CLM on x64 host Tag: 98690
 - 4
 - Windows 2000 subordinate CA ---> 2003 I have a Windows 2000 subordinate CA in my domain that I want to upgrade to 2003. I would like to create a VMware virtual Windows 2003 virtual server and make it my CA because the physical hardware is old. Is this possible without upgrading the 2000 server to 2003? If it's not possible and I have to upgrade the exisiting server to 2003 along with certificate services, what steps do I take to make sure I have proper backups of my CA that are required if the upgrade does not go well for some reason? Any help would greatly be appreciated. Tag: CLM on x64 host Tag: 98674
 - 5
 - CertStoreOpen Function Hello to all friends! I am using an example program in MS Visual C++ taken from MSDN at http://msdn.microsoft.com/en-us/library/aa382372(VS.85).aspx. I created a certificate using makecert -n "CN=Test" -sk Test -ss my Test.cer This created a store 'my' and a Test.cer file. i see 'Test.cer' there in ...\vc\bin folder. I could not find any store with the name 'my'. now when i executed the code below (complete program is at the above link), [CODE] ...... #define SIGNER_NAME L"Test" ...... #define CERT_STORE_NAME L"my" ...... if ( !( hCertStore = CertOpenStore( CERT_STORE_PROV_SYSTEM, 0, NULL, CERT_SYSTEM_STORE_CURRENT_USER, CERT_STORE_NAME))) { MyHandleError(TEXT("The MY store could not be opened.")); goto exit_SignMessage; } // Get a pointer to the signer's certificate. // This certificate must have access to the signer's private key. if(pSignerCert = CertFindCertificateInStore( hCertStore, MY_ENCODING_TYPE, 0, CERT_FIND_SUBJECT_STR, SIGNER_NAME, NULL)) { _tprintf(TEXT("The signer's certificate was found.\n")); } else { MyHandleError( TEXT("Signer certificate not found.")); goto exit_SignMessage; } [/CODE] it give error "Singer Certificate not found". Can any body help me how to solve this problem? The 'my' certificate store, is not visible. can I open the store in some editor etc to see the certificate? Or how to create a store then? regards, wilayat Tag: CLM on x64 host Tag: 98672
 - 6
 - Detecting Admin Privileges Via Code Hi All, I'm not certain if this is the best place to post this, so please educate me if it's not. Bascially, I need to know the "correct"(?) method for how to detect if a the current user has administrative privileges via c or c++ code for some installation routines. I've been striking out so far finding this in MSDN or anywhere. Any help would be appreciated. TIA, John Bowman Thermo Fisher Scientific Tag: CLM on x64 host Tag: 98668
 - 7
 - Failed to config. Forefront client security on sbs2003r2 Hi I tried to install Forefront client security to sbs server 2003 R2 but On configuring the management console wizard, I was forced to stop at the point below:- all other verification of wizard menu were passed except one item below failed :- 1. collection server component :- a) reporting server timeout adjustment - passed b) importing reports on the reporting server - passed c) reporting server adjustment (adjust reporting via web service) - failed (error) then I was forced to stop here and can not continue to the following :- 2. management server component :- a) update registry. can any one hlep to solve this problem ??? -- tsl Tag: CLM on x64 host Tag: 98657
 - 8
 - POSSIBLE HACK...PLEASE, PLEASE HELP! Three days ago, I had RoadRunner (cable internet connection) hooked up. The tech turned off both my firewalls and DIDN'T tell me! (Shame on me for not checking) Just a few minutes ago, while I was surfing, all my programs opened up, one by one. Was my computer hacked and did someone get all my personal information?! I'm running my virus program right now. What else should I do? Please help. I'm a nervous wreck right now! Thanks, Annie Tag: CLM on x64 host Tag: 98588
 - 9
 - Product Activation & re-installation I currently have a system with Windows XP operating system and Office 2007 installed. I will be updating to Vista soon and will carry out a full re-installation after a re-format of the HD. Are there any issues with the activation of my copy of Office 2007? Do I have to formally un-install it to allow the software to be re-activated? Guidance please. Tag: CLM on x64 host Tag: 98580
 - 10
 - Office 2007 authentication and re-installation I currently have a system with Windows XP operating system and Office 2007 installed. I will be updating to Vista soon and will carry out a full re-installation after a re-format of the HD. Are there any issues with the activation of my copy of Office 2007? Do I have to formally un-install it to allow the software to be re-activated? Guidance please. Tag: CLM on x64 host Tag: 98578
 - 11
 - Computer with Security from a company I got a computer from the goodwill and it has a password protected login. I tried putting admin and admin as the password but it didnt work. Can anyone tell me how to get pass the login so I can use the desk top? Tag: CLM on x64 host Tag: 98558
 - 12
 - avg 8.0 I'm trying to upgrade to AVG 8.0 from 7.5 but it keeps failing with an error Local machine: installation failed Installation: Error: Action failed for registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows: creating registry key.... Error 0x80070005 has anyone had this problem and what can I do about it. thanks, Bill Tag: CLM on x64 host Tag: 98545
 - 13
 - Windows Explorer may expose FTP passwords in plaintext If you use Windows Explorer to open an FTP site that requires a password, Explorer may display the password in clear text in the future through the autocomplete feature in Explorer's Address bar. I've tried this on one XP SP3 machine and the password DOES appear, but on another XP SP3 machine only the username appears. Steps to reproduce: 1. Open Windows Explorer and if necessary enable the display of the Address bar 2. In the Address bar, enter the URI of an FTP server that does not permit anonymous access and on which you have an account, e.g. ftp://host.domain.com/myfolder 3. Windows Explorer will prompt you for a username and password, and then will display the folder contents 4. Close Windows Explorer, then open Windows Explorer again. 5. In the Address bar, type ftp: At this point autocomplete should kick in and display the URI with at least your username and maybe the password displayed in clear text, e.g. ftp://username:password@host.domain.com/somefolder The version with the username and password don't appear in the Address bar's MRU dropdown, but just in prompts popped up by autocomplete. The password does not seem to appear in plaintext in the Registry. As I said, have one machine that reliably shows the password, and another that doesn't. Does anyone else find that the password is displayed? (No need to discuss the insecurity of FTP itself--that's not the issue here. This is about the potential for exposing previously used passwords on the desktop) Tag: CLM on x64 host Tag: 98534
 - 14
 - Forefront Managed Newsgroup Hi, I'm trying to find the above but couldn't find one. Could somebody help, cos I need to do some troubleshooting in there. Thanks. Rgds, Straw Tag: CLM on x64 host Tag: 98528
 - 15
 - help-Security Update for SQL Server 2005 Service Pack 2 (KB948109) when i try to install this upade i get error code - Error Code: 0x91B please help -- July Tag: CLM on x64 host Tag: 98497
 - 16
 - Use of Kerberos unreliable, can I force it? Hi! I had to learn that it is easily possible for clients in our network to work without Kerberos (tickets). Mostly because they boot their computer without a network connection. Those users have no Kerberos tickets (of course) but they don=92t get Kerberos tickets even after connection to our network (bug or feature?). There are also some other scenarios in which Windows relinquishes Kerberos. The problem is that we have some web applications that require a Kerberos ticket. My question: How can I switch on Kerberos as soon as they connect to the network? Or how can I force Kerberos authentication in a web application (SharePoint). Integrated Windows Authentication means NTLM or Kerberos=85 Tips would be highly appreciated. Thanks in advance! Best regards, Noel Tag: CLM on x64 host Tag: 98476
 - 17
 - Utility to Summarize User File Access Is there a utility that can scan the eventviewer security log on a file server and present management summary reports of all files a specific user accessed in a given time period? Seeing which files were accessed read only and which ones were opened for write would be very helpful as well. -- Will Tag: CLM on x64 host Tag: 98475
 - 18
 - SCEP implementation We have developed our Microsoft Server 2003 R2 PKI to issue certificates to Windows devices and to Cisco routers. The current configuration is a single Standalone Root CA which has been used to authenticate an Enterprise Subordinate CA and a Standalone Subordinate CA with SCEP. The Standalone root CA has then been taken off-line. Our Windows devices are issued certificates from the Enterprise Subordinate CA and our Cisco routers are issued certificates from the Standalone CA with SCEP. We have a backup site configured with Enterprise Subordinates and Standalone subordinates also. We are looking at consolidating this deployment by removing the standalone CA with SCEP and installing SCEP on our Enterprise Subordinate CA? This will result in all windows devices and Cisco devices being issued certificates from the one Enterprise subordinate CA. My question is: Are there any known problems, security, maintenance or operational issues with this approach? Tag: CLM on x64 host Tag: 98469
 - 19
 - Renew Subordinate CA certificate I have an Enterprise CA root server and a subordinate CA server in my domain (single domain). Both of these servers are running on Windows 2003 Enterprise edition. I was able to obtain a subordinate CA certificate when i originally set it up (this original sub CA certificate will expire on 2/2009). Now i would like to renew my subordinate CA's so the expiration date will be further out (e.g. to year 2012) so all client certificates issued by this subordinate CA will have a longer expiration date. According to this MS article, i should be able to renew it by right clicking on the sub CA server and select renew. http://technet2.microsoft.com/windowsserver/en/library/4fbf053c-c0ae-4fad-a29d-1d17f04cd5fc1033.mspx?mfr=true After the renewal request, the subordinate CA didn't get a renewed certificate. The root CA server on the other hand did show that the new certificate has been issued. But the subordinate server just didn't get it no matter how many times i restarted the server. I need help!! Tag: CLM on x64 host Tag: 98463
 - 20
 - vista anti virus vista antivirus keeps popping up on screen wanting you to sign up and pay can not delete says access not permitted how do i get rid of Tag: CLM on x64 host Tag: 98461
 - 21
 - MBSA safe against remote computers, no crashes? What are the risks of running MBSA against remote computers? I can't find enough details on how it works to feel 100% safe it won't reboot or blue screen any computer I scan. I normally do WMI queries against QFE, is that what MBSA does to check security fix levels? Tag: CLM on x64 host Tag: 98447
 - 22
 - 15401 - NT user or group not found Hi, I have just set up a domain controller and a separate database server, both running copies of 2K8 joined to the same domain. Whenever I attempt to add a domain user / group to the database server as a new login, I get the 15401 error stating that the NT user or group cannot be found. However, I can browse on the "Search..." link for the Domain account, I can ping my domain controller correctly, I have gone through all of these steps, http://support.microsoft.com/kb/324321/en-us, there are no existing users by the same name. I am suspicious that it may not have anything to do with SQL itself, but I am neither a DB Admin or a Infrastructure Admin, so I am at a loss. Any ideas?? Thanks. Tag: CLM on x64 host Tag: 98434
 - 23
 - spam problem Our isp called and said that one of our computers is sending out spam mail. What would be the best way to go about this in finding the rouge computer that's sending out spam. Thanks Tag: CLM on x64 host Tag: 98430
 - 24
 - Administrator account and lockout policy I have account lockout policy applied to the domain. I created an account (not a default administrator account) which is member of domain admin, is there a way to have this admin account exempt from this lockout policy? Thanks! Tag: CLM on x64 host Tag: 98428
 - 25
 - File/Folder permissions Hello, Is it possible to give access to view/change permissions (on files and folders)without giving access to open and read documents but while being able to traverse the entire folder structure? any help is appreciated. Thanks Tag: CLM on x64 host Tag: 98423
- Next
 - 1
 - Folder permissions and take ownership Hi, I have a need to put an Active Directory group into the Administrators group on a number of machines for various reasons which cannot be stopped. The problem is there is an application on these machines that I do no want them to be able to access and the aaplication has no ability to request crednetials etc. It's just a dumb application. I considered using FOlder permissions to lock out the local administrator group from the folder. This stopped them from running the application until I when in as one of the users and simple took ownership of the folder and gave myself access. Then I tried adding a deny take ownership of the folder to the local admin group. Again it just allowed me to take ownership assuming becuase local admins can do that regardless of the deny rule I just created. Can anyone suggest how to stop them taking ownsership and from being able to run the application? Tag: CLM on x64 host Tag: 98414
 - 2
 - Change password complexity Hi... I need to disable the password complexity in a Windows 2008. The problem is that the password complexity in my server is enable and not give me the posibility to change. Thanks a lot. Javier Valverde Tag: CLM on x64 host Tag: 98413
 - 3
 - EFS All, I am attempting to get EFS file sharing working in a 2K3 AD Environment with XP Machines. I have successfulyl installed a DRA and disabled self-signed certificates with the Windows hotfix and Group Policy option as specified in the Windows KB Article. However I still can't get EFS to work over the network. In fact since installing the above, another user can't create a new encrypted file wthin an encrypted folder. They get access denied. Another user had told me that I should enable credential roaming or roaming profiles. This was to solve multiple certificates from being issued in AD (via Enterprise CA). Would this also prevent me from sharing encrypted files? I am with an understanding that everytime a user logs on to a machine on teh network a new certificate is generated by the CA (thus roaming is needed). If this is hte case, which one do I want to use, credential roaming or roaming profiles? Thanks, -- Steve Tag: CLM on x64 host Tag: 98410
 - 4
 - Antigen slow performance Hi I recently had to test Microsoft Antigen 9 with SP1 against McAfee groupshield. Although Antigen and Groupshield were more or less the same although Antigen had 2 engines and not 1 i have a major difference. For my customer to move to Antigen they need to see that Antigen performes better. the problem is that a Manual scan is 5 times slower than groupshields manual scan. Testing in a lab with identical hardware and identical tests the Antigen machine took an hour and a half comparted to Groupshield that took only 22 minutes. Can someone help me with tweaking or configuring Antigen so that it competes with Groupshield? Tag: CLM on x64 host Tag: 98404
 - 5
 - Time Travel!! Just had my computer auto update and it has somehow time travelled into the future!? Anyone else seen the same thing? Windows Defender Definition Update for Windows Defender - KB915597 (Definition 1.31.9443.0) 05 August 2008 Other Source Windows Defender Definition Update for Windows Defender - KB915597 (Definition 1.31.9351.0) 01 August 2008 Automatic Updates Windows Defender Definition Update for Windows Defender - KB915597 (Definition 1.31.9205.0) 24 July 2008 Automatic Updates Windows XP Security Update for Windows XP (KB951748) 14 July 2008 Automatic Updates Windows Defender Definition Update for Windows Defender - KB915597 (Definition 1.37.579.0) 14 July 2008 Automatic Updates Tag: CLM on x64 host Tag: 98396
 - 6
 - scans can not complete I use Windows Defender and spybot. Everytime I try to do a scan my computer shuts down before the scan is complete... often within a few minutes of starting scan. I need to be able to do a complete scan. I have noticed my curser jumping to some bizzare spot while I am typing, but nothing else unusual. Tag: CLM on x64 host Tag: 98383
 - 7
 - My Space I support several volunteer library PC's running Win2000. Each are configured separately but run through a common router to the Internet - they do NOT run through a server. Security is set up so I have the typical Win Admin security and users have the typical "guest" security. This means guest cannot add or delete programs. But... I notice some of users will be able have the "My Space" interface on them. The only way I can remove the My Space interface is by going to Add/Delete programs in the control pannel - and I can do this logged in as guest! Why is guest allowed to add/delete myspace? Is there a flaw in the way I set up security? Thanks for a response. Tag: CLM on x64 host Tag: 98382
 - 8
 - Router firewall settings Hi, i need to know something about router firewall rules. What should i type in the this fields? Source LAN start ip address end ip address Dest WAN start ip address end ip address protocol port range What is start ip and end ip address? I know something about tcp and udp protocols. Also i need to know what is port range? Tag: CLM on x64 host Tag: 98374
 - 9
 - Patched Flaw Could Have Broken Internet Backbone A flaw in the Internet domain name system could have allowed hackers unprecedented ability to redirect traffic had it not been kept secret while vendors developed patches for it. Microsoft and others released the patches Thursday. Details in this article:- http://www.technewsworld.com/rsstory/63738.html Dave Tag: CLM on x64 host Tag: 98339
 - 10
 - Biometrics How secure and safe is biometric technology? The reason I bring this up is because I was able to log in using my finger with a band-aid attached and this definitely makes me question the security and safety of biometric technology at least as far as laptops go. I imagine there probably is lots of articles on this already but I wanted the opinions of this newsgroup. Thanks in advance for the replies. Tag: CLM on x64 host Tag: 98325
 - 11
 - cant access internet when my security cntre (zone alarm) is turned Hello, i cannot access internet nor go on msn when my security centre is turned on. when i shut down my security centre (which i think is not safe to do so) then internet and msn all works. i think it maybe an update i need to allow me to work the internet while my security centre is turned on. i even re installed my security centre (zone alarm) and did not change any settings on there afterwards. what ever it is i need to do, please can sombody help me. thank you Tag: CLM on x64 host Tag: 98322
 - 12
 - Unwrapping security on a 2003 server Hi Everybody/Anybody I have inherited a small network (2 x 2K servers & 2 x 2003 servers). DC1 is a 2K machine and DC2 is a 2003 machine. My Microsoft experience stopped in the year 2000 so I was good up to NT 3.51. The previous IT did not leave any information on how anything is/was setup. DC2 has been locked down/hardened (what ever terminology you are happy with) or hacked (the previous IT was a Linux geek). Our main administrator (could have been renamed?) account cannot access DC2 (only DC2, I have full acces to any other machine on the network) and I have tried all active directory accounts but nothing lets me into DC2. For example, there is no service pack installed on DC2 but after I install the network cards are disabled and they cannot be accessed until the service pack is removed. If I try and push Backup Exec remote agents - it asks for an account with administrator rights and that is us stuck. I wonder is somebody could point me in the right direction - on the later versions of server is this a domain controller policy issue (although I have had a look at all the configured values and cannot see anything that would lock me out) or is it local to DC2. Another factor that may be in the equation is that I believe that DC2 was built using small business server version of Windows 2003 (although it states standard but may have been hacked) and I believe SBS has unique security features. Hopefully somebody will have a laugh at my predicament and point me to areas that I should be looking at? Tag: CLM on x64 host Tag: 98315
 - 13
 - How to show Windows Credentials Prompt Simple question, already searched but really nothing found. When I try to access a network resource - of a server I not yet have authenticated against - I get a Windows Credentials Prompt. I'm developing an .net application that needs to access a network share. Is there a .net or WinAPI call I can make that shows this Windows Credentials Prompt and gives me back a token so that I can Impersonate that User to access the network resource? Without this i get security exceptions and can not access files. Impersonation by using a Token through calling LogonUser API (with user password given) works. But i would prefer showing the Windows Prompt instead of doing a own user/pass prompt. And, is there an API to check if a token exists to access a server? (checking if it is necessary to show the prompt.) thanks a lot! Tag: CLM on x64 host Tag: 98313
 - 14
 - In the group 'microsoft.public.test' I said to Peter Foldes ......... "perhaps you can help me understand why there are hundreds of posts here entitled 'ClusterSentinelNNTPPostTest' with the 'poster' being user@domain" PF usually knows the answer to most things, but this obviously has him stumped (or he's been busy elsewhere). Can anyone here explain matters? If so, I'd appreciate your view. TIA. Dave Tag: CLM on x64 host Tag: 98307
 - 15
 - Generic Host Process for Win32 Services is active in ZoneAlarm I found that two Generic Host Process for Win32 Services showed in the programs and one is active program, when I disabled it before, the updates for windows wouldn't work, is it essential to update the system? and it should be an active program when system runs? Tag: CLM on x64 host Tag: 98303
 - 16
 - Windows Updates make internet inaccesible with Zonealarm When will Zone labs/microsoft fix this problem?? Tag: CLM on x64 host Tag: 98302
 - 17
 - How to enumerate dictories where auditing is enabled? Hi! We are in the process of enabling auditing on some files servers, but it seem somebody already did it in the past, since as soon as we are enabling it in the local security policy, we got a lot of events about directory being acceded successfully/failed in the security log. Now the question is : how we could enumerate all directories where Auditing have been already enabled? Thanks. Claude Lachapelle Systems Administrator, MCSE Tag: CLM on x64 host Tag: 98297
 - 18
 - Permissions -- Unique Issue Re: XP-Pro. Only one user Account -- Admin. I have an Application("exe") which contains a DLL that is registered in :\windows\system32". The DLL provides a link to an Enterprise server and was NOT written by me. My Application ("exe") is in "c::\myprograms\test". Is there anyway to set directory permissions to make sure any unknown functions within the DLL cannot get outside of the directory? If so, how, and which directories? In other words I want to make sure the Enterprise server CANNOT use any functions within the DLL to access anything on the client other than providing the read/write data link. Tag: CLM on x64 host Tag: 98281
 - 19
 - Workgroup clients can access domain shares I have a sbs 2003 running DHCP. The Guest account has been disabled. I verified this by the net user guest command. All share permissions seem to be working fine within the Domain and the Everyone group is not listed. I have one NT machine that is on a Workgroup and gets its IP from the sbs server. It has access to all shares with no apparent restrictions. Any ideas or direction would be great. Tag: CLM on x64 host Tag: 98280
 - 20
 - FIX for ZoneAlarm & KB951748 issue released [Crossposted to Windows Update, WinXP General, IE General, Security, Security Home Users newsgroups] Resolution [was Workaround] for Sudden Loss of Internet Access Problem http://download.zonealarm.com/bin/free/pressReleases/2008/LossOfInternetAccessIssue.html (revised multiple times since release on 08 July 2008) NB: Do NOT use Option #2 if at all possible! The vulnerability addressed by KB951748 *is* a big deal! See http://blog.washingtonpost.com/securityfix/2008/07/patch_the_entire_internet_tues_1.html Want to consider other, more highly-rated firewalls? http://www.matousec.com/projects/firewall-challenge/results.php -- ~Robear Dyer (PA Bear) MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002 AumHa VSOP & Admin http://aumha.net DTS-L http://dts-l.net/ Tag: CLM on x64 host Tag: 98276
 - 21
 - Cannot access internet after Windows update My pc (running Windows XP) was running fine when I shut down last night. This morning after powering up my PC, there is an Automatic Windows Update balloon in the icon tray that prompted me to install the latest Windows update, which I did. Afterward, i can no longer connect to the net unless I disable my Zonelabs with Anti-Virus firewall. It never given me any prob until the latest Windows updates. I'm posting this message with my Zonelabs firewall disabled. What is wrong? Thanx in advance. Francis Tag: CLM on x64 host Tag: 98270
 - 22
 - Auto Updates from July 8, 2008 I have XP sp2 and yesterday Auto Updates did not give me a patch from the list of four that were released yesterday. I only received was only one other one, which I believe was released 7/7/08, and the usual malicious removal program. Shouldn't all XP sp2 users receive the patch below? http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx When I said the list of four patches, I mean: http://www.microsoft.com/technet/security/bulletin/ms08-jul.mspx Tag: CLM on x64 host Tag: 98264
 - 23
 - Deleting Archived Certificates from Users' My store on Workstations Hi, We have a piece of software that only checks for the existence of a certificate not whether it has been revoked or not. For this reason we would like to remove all of the archived certificates from the user My Store on workstations in the environment. The certs all had encryption set as a purpose so they have been archived and not deleted. I know that I can use a "certutil -delstore -user MY 999999999999999" command to remove individual certificates but I'm looking for a way to manage this across 5000 workstations. Is there an easy way that I am missing? Thanks, Bill Tag: CLM on x64 host Tag: 98253
 - 24
 - Live Communications Server 2005 - Web Access Having some problems with LCS 2005 web access whilst trialing it for production use. I'm getting an error 1 when logging on, and various websites have pointed towards a problem with the certificate. Now I'm not a big fan of certificates, and will admit to not knowing much about the implementation with Certificate Services in Svr 2003. I've requested a certificate from the CA with the name of the FQDN machine with web access installed on it. Could anyone give me some advice or a resource that has step-by-step guides on how to implement both Web Access and LCS 2005. Tag: CLM on x64 host Tag: 98252
 - 25
 - Local disk security What is best practice for security permissions on a 2003 web server's C drive? Here are my current security permissions after setting up a new web server and joined to domain Local Admin group - FC Creator Owner - FC Everyone - Special (default permissions) System - FC Users group - default permissions I have a D drive were inetpub has been configured with websites and the permissions are the same for this drive. Shouldn't everyone and creator owner be removed for tighter security? Tag: CLM on x64 host Tag: 98250

hello,

Is possible deploy CLM on a Windows 2003 x64 versiÃ³n?

Thanks
--
Unai Castro
MCSA Windows 2003

Re: CLM on x64 host by Paul

Paul
Thu Jul 24 06:56:50 CDT 2008

On Thu, 24 Jul 2008 03:53:00 -0700, Unai Castro wrote:

> Is possible deploy CLM on a Windows 2003 x64 versión?

Not yet, no. Currently only the database can be hosted on a 64 bit server.
All of the other components need to x32. 64-bit is coming in ILM 2.

--
Paul Adare
MVP - Identity Lifecycle Manager
http://www.identit.ca
Kiss your keyboard goodbye!

Top

Re: CLM on x64 host by UnaiCastro

UnaiCastro
Thu Jul 24 08:19:01 CDT 2008

Thank you, Paul.

I thougth that ILM 2 will have only changes in MIIS component. There are
more features for CLM apart from the compability with x64?

Top

Re: CLM on x64 host by Brian

Brian
Thu Jul 24 14:32:17 CDT 2008

The only other new feature enabled in the current beta 3 product is support
for 3rd party CAs.
More will become available as the release candidates start shipping.
Brian

"Unai Castro" <UnaiCastro@discussions.microsoft.com> wrote in message
news:FCF24978-29CC-443F-B908-C5EAA5D9A954@microsoft.com...
> Thank you, Paul.
>
> I thougth that ILM 2 will have only changes in MIIS component. There are
> more features for CLM apart from the compability with x64?

Top