cve-2020-1472 Security patch kb4571719 not installing in server 2008 r2 enterprise
I want to Install CVE-2020-1472 patch (KB4571719) on my window server 2008 r2 enterprise server. But i got error shows "The Windows Modules Installer must be updated before you can install this package". on my server Servicing stack update…
![](https://techprofile.blob.core.windows.net/images/2fooggAAAwAAAAAAAAAAAA.png?8DC1D0)
Report to output the latest patch of all servers
I have used windows group policy to deploy security patches to all servers. How can I output in the form of report of the date security patches applied to the server. I have not used SCCM but have the database if that can be used as a tool to report the…
Choose CSP when using Get-Certificate powershell
Hi, I am looking for a way to change the CSP which is being used by the Get-Certificate powershell function. To be precise, i am trying to use the CSP Type 24 Microsoft Enhanced RSA and AES Cryptographic Provider. Issuing certificates from the…
![](https://techprofile.blob.core.windows.net/images/ab0baa0aeeef4393b7e2656e34aea031.png)
Micosoft CA - Wildcard certificate. Multi Domain yes/no?
Hi Just a problem We have a domain CA (a root CA which is offline and a sub CA which is domain joined) based on windows server . An external customer is asking for a wildcard cert. My question is: (Please read the domain correctly, I have to…
WinRM HSTS
Hi everyone, i'm doing some security scans for PCI and i keep getting flagged for HSTs on Winrm, i know how to fix it for IIS but i have no clue where to begin for winrm, didnt even know HSTS on winrm was a thing. Does anyone have any advice on this? or…
My SQL Configuration changes automatically
HiI would like to know why my SQL configuration is changing automatically. I am a worried that it can be a security issue. First my admin account, the one I use locally with Windows Authentication get disabled. Then a DB in my instance changes to…
ZEROLOGON - GPO - Active Directory
Hi there Microsoft! I have an AD Domain running 2 x 2016 Domain Controllers (virtual) - FFL & DFL are both 2012R2 and were uplifted recently from 2008R2. The single domain in a single forest has recently been uplifted from 2008R2, the old…
![](https://techprofile.blob.core.windows.net/images/ZqZlexHucUqxMJWzM1nAhg.png?8D8661)
Active Directory solution use case
We have a customer with around 100-120 employees, most are field staff with laptops. They have no Active Directory on-premises, all laptops are in a workgroup with no management and control. They are facing security challenges and need to control…
![](https://techprofile.blob.core.windows.net/images/PT7QlfEdr0qdUKsDf1u5tw.png?8D801B)
Flooded with Event ID 4663
On a server 2016 and 2019 machine, I'm getting flooded with Event ID 4663 logs when the following group policy is enabled: Computer Config -> Windows Settings -> Security Settings -> Advanced Audit Policy Config -> Object Access -> Audit…
How to force user to open files only from one location on Office 2016
Hello, We have an Excel 2016 published on Citrix for our users. We have a requirement that user can open spreadsheets from one specific location (user homedrive mapped in his AD profile). We have blocked navigation via Windows Explorer and via address…
![](https://techprofile.blob.core.windows.net/images/VO6-eSaQSU2c6zTiIV9eJw.png?8D8393)
![](https://techprofile.blob.core.windows.net/images/aYf80cOltkiJ-ccSQml4Mw.png?8D8292)
SMB Signing not required vulnerability
Hi All, We are seeing SMB Signing not required vulnerability in our domain joined servers, but this vulnerability is not reported in our ADDS server. could you please let me know why vulnerability is not appeared in ADDS but appearing in domain joined…
Logon restriction hours
Hi Why logon restriction hours doesn’t work when the domain cannot be reached ? Eg I unplug the Ethernet and the user can log on normally. Put Ethernet back and the user cannot log in anymore. What’s the mechanism behind this ? Thank you !
KB4571723 superceeded (by KB4578013) and not required -but manually installs
For patching against CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability, the relevant update for security only updates is: W2012R2 KB4571723 Security Only - However this is superceeded by KB4578013 which is an out of band update which…
Exporting GPO setting on Member Servers using Secedit not Working
OS Windows server 2012 R2 Datacenter I want to be able to export some Software Restriction Policies from the Local Security Policy. I am trying this on member server machines. The command I am trying to run is: In powershell run as …
Query about Local administartor password solution
Hi, One of the Windows 10 workstation last contact to domain controller was on 29-May-2020. LAPS Password expired on 14-Jun-2020. If I enter the password then the workstation does not accept the password. Is there any reason why the LAPS…
There is additional "(1)" in the CDP Location and delta cdp location in the sub CA . How to remove (1)
Hi team Recently I have renewed my subCA certificate . when i have checked pkiview.msc i have noticed that there is an addtional '(1)' in the ldap CDP location. i also have http location and there also this (1) is appearing. i have renamed to CA name…
Get-WmiObject Win32_ComputerSystem return 0x800706BA error
In my environment, it has a root AD domain which has two child domain child1 and child2. The server, Windows 2016, is in child1 domain. For a client computer, Windows 10, which is in child1 domain, if I run command as following Get-WmiObject…
Struggle with Winows event log collectors
Hi Log collectors or SIEM tools are useful because the native Windows Event Viewer is slow, can search a limited number of logs only (around 4GB = 24h Security Log on DC), does not work across systems and cannot perform analysis or send alerts. …
PKIVIEW CDP location not updating
I am having a similar problem as this: https://social.msdn.microsoft.com/Forums/en-US/bc49c902-f8cf-4c9f-b239-09c7470ceb9b/enterprise-pkiview-not-updating-http-cdp-files?forum=winserversecurity …
Windows 2019 Certificate Authority is adding 10 minutes to my Certificate Expiration Date
Here's one for the ages. I built a new subCA from a base Server 2019 build. I have done this several times in the past. I issued it a 10year cert from the RootCA. So far everything is good. I configured certificates to be valid for two years. Now…