Cisco ASA: Prioritise RDP Traffic
KB ID 0001359 Problem I have a client who had two sites, one didn’t have a particularly good internet connection, (which is the actual problem that needed to be solved). But in the interim, he wanted me to prioritise RDP traffic, as his staff were constantly complaining about the speed of their connections. Note: They may be a myriad of reasons why user experience is bad for an RDP session, this was quite simply a bandwidth...
ADMT Password Export Server Error: Invalid Password!
KB ID 0001355 Problem Seen when trying to install the ‘ADMT Password Export Server Service’, whilst doing a domain migration; Invalid Password! The supplied password does not match this encryption key’s password. ADMT’s Password Migration Filter DLL will not install without a valid encryption key. Solution At first I assumed I was suffering from ‘fat fingers’ and just entering the wrong password,...
Windows Certificate Services ‘certsrv’ Website displays 403.14
KB ID 0001342 Problem I seem to get all the PKI/Certificate services problems! Yesterday I was trying to use the web enrolment portal on a certificate services server, and could not get in locally, (or remotely) via http, (or https) it simply showed me a 403.14 error. HTTP Error 403.14 Forbidden Solution This was an odd one, in IIS Manager select the ‘Certsrv’ virtual directory > Advanced Options > And look at the...
Windows Server – Fails Installing .Net 3.5
KB ID 0000924 Problem I needed to add .Net 3.5 to a Windows Server for an application install, but when I added it as a ‘feature’ it failed. Server 2016 The request to add or remove features on the specified server failed. The source files could not be found. Use the “Source” option to specify the location of the files that are required to restore the feature. For more information on specifying a source...
An Invalid Directory Pathname Was Passed
KB ID 0001338 Problem While attempting to delegate administration of an OU, I got this error; Delegation of Control Wizard The wizard cannot retrieve security information from the Active Directory. An invalid directory pathname was passed. Solution Took a while to figure out! The OU in question has a ‘slash’ in the name of it; Once I changed this to a hyphen, the error ceased. Related Articles, References, Credits, or...
Using LDP to Find an Objects ‘Distinguished Name’ in Active Directory
KB ID 0001337 Problem There are a few occasions when you need to know an objects ‘Distinguished Name’ (DN). For me it’s usually when I’ve got a device that needs to do LDAP/LDAPS lookups, (RSA Appliance, Netscaler, Cisco FirePOWER, etc). Today someone needed to ‘bind’ a Checkpoint firewall to Active Directory, and asked me to create user, and give them the DN and password. I’ve mentioned...
Windows – Unable to Move an OU
KB ID 0001336 Problem I was doing some AD redesign work for a client this week, and I needed to move an Organisational Unit (OU). However the domain had other ideas; Active Directory Domain Services Windows cannot move object {OU-Name} because: Access is denied. It wasn’t a rights issue, (I was an Enterprise Administrator). Solution As it turns out, it was the same problem I’d had back when Server 2008 first came out...
Windows Folder Redirection
KB ID 0000467 Problem Q: What is Folder Redirection? A: Essentially you can take folders that hold things like your “My documents” or your “Favorites” folder, and put them out on a network server, which is great if you want to back that sort of information up for disaster recovery. Q: What’s the difference between this and a roaming / roving profile? A: Folder redirection keeps information on a server...
Microsoft PKI Planning and Deploying Certificate Services Part 3
KB ID 0001312 Problem Following on from Part Two, now we have an offline Root CA, and a CRL server, our next step is defined by our PKI design, are we three tier, or two tier? (Look in Part One for a definition). Solution As previously mentioned, Microsoft just treats Intermediate CAs and Issuing CA’s as the same thing (SubCAs). So the next step is identical for either. But I would suggest one difference, If I was deploying an...
WannaCry – Protect Yourself
KB ID 0001311 Problem Last Friday, the IT world was hit by another attack, WannaCry is a Ransomware infection, that exploits a hole in the windows SMB Protocol. This hole was patched back in March, (Security update MS17-010) so if your, (windows update supported systems) have updates enabled, you will probably already be protected. Why were big organisations like the NHS hit? Primarily because they have systems that are no longer...