AD Troubleshooting

AD and Domain-related issues and troubleshooting methods for Active Directory.

Browse by Tags

Related Posts
  • Blog Post: Windows 8 shortcut keys

    For the last couple of months I've been running with the Windows 8 Consumer Preview on my laptop. Besides having to resist the urge to swipe the startup screen (which would be a nice feature even on a standard laptop) the biggest challenge has been to map my previous activities to the Metrofied interface...
  • Blog Post: TPM-CSP Autoenrollment failing with 0x8010002e SCARD_E_NO_READERS_AVAILABLE

    We're attempting to enroll for certificates using a TPM chip on a laptop - it fails when autoenrollment is involved but works when done manually via the MMC. According to http://msdn.microsoft.com/en-us/library/bb905527.aspx on the Smart Card Resource Manager service: “ By default, the...
  • Blog Post: Enrollment from Windows XP clients against Windows 8 CA server failing

    When a certificate request is received by a certification authority (CA), encryption for the request can be enforced by the CA via the RPC_C_AUTHN_LEVEL_PKT flag, as described in MSDN article Authentication-Level Constants ( http://msdn.microsoft.com/library/aa373553.aspx ). On Windows Server 2008...
  • Blog Post: Fiddling with ADFS - end the infinite authentication loop

    While working at a customer site the other day I was reminded of an article by Eric Lawrence on why you sometimes start seeing endless pop-up windows asking for credentials when using Fiddler to decrypt HTTPS traffic during troubleshooting. In short; If the web server has Extended Protection for Authentication...
  • Blog Post: XP and W2k3 Clients are by default unable to enroll from W2k12 CA servers

    RPC Packet-level Authentication is by default turned on in Windows 2012 CA's. This can also be turned on in W2k8+ but defaults to off there. ..... From http://technet.microsoft.com/library/hh831373 When a certificate request is received by a certification authority (CA), encryption...
  • Blog Post: ADCS has become site-aware in Windows Server 2012

    One of the largely unheralded big new features of Active Directory Certificate Services is that it can now be configured to be site-aware! This is accomplished by following the detailed steps that are described on the ADCS Wiki link below. The short version is however as follows: set the...
  • Blog Post: God mode on Windows 8

    It' s summer, you're bored enough to start reading random newsletters and then you pick up something useful. Create a folder on your Surface desktop with the name GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} Open The folder for a surprise... ...this incidentally also works on Windows...
  • Blog Post: Windows 8 features

    The Win8 Product Teams have started blogging about new features in the upcoming Windows 8 release. Windows 8 Server: Microsoft Server and Cloud Platform Blog http://blogs.technet.com/b/server-cloud/archive/tags/windows+server+8/ Windows 8 Client: Building Windows 8 http://blogs.msdn.com/b/b8/ ...