On my Windows 2003 servers I prevent anonymous sid and name
translation, I do not allow anonymous enumeration of SAM accounts or
shares and I do not allow the everyone permission to apply to
anonymous users. I also do not allow any named pipes to be accessed

I have been learning about PKI and AD CS.  And there is alot of material
about using active Directory to hand out certs.
But what if you were in a non-domain environment.  How would 2 companies use
each other's certs? Let's say that company A and company B each had AD CS

I have just setup a new Domain Controller which will be a new Primary Domain
Controller.
everythings runs fine only one thing, when i tried to create a security
policy and apply it into the Server by using Security Configuration Wizard,

We just acquired a company who has a file server with 15 TByte / 20 million+
files on it. When they set up the server, they granted Read access on all
files/folders to the server's Users group. This means, that because the
Authenticated Users group is a member of the server's ...

I have a CA root and a CA subordinate Microsoft Certification Authorities. I
have duplicated the code signing template to make some changes in the code
signing certificate template. I want my development staff to get
certificates using this template. I have created the template ...

Folks,
If my workstation (running XP) has multiple certificates that are qualified
for EFS encryption, which one will be selected when a file is enabled for
EFS?   It seems there are no choices for user to select manually.

I would like to create an application that would allow one or two other
people in the office to reset a user's password in case I am not available.
Our DC is a W2K3 Enterprise server.
Any help would be appreciated.

Is there any security threat to the following ?
  - windows xp2 is locked (have to enter Ctrl+Alt+Del)
  - servers setup to disconnect users at 10:00 PM
For electricity savings reasons we are starting to request users

Just a quick question, another admin at my work struck up a conversation
about password strength in Windows, stating that salts were not used. This
came as a bit of a surprise, as I had never looked into the technicalities
of the windows password scheme.

We currently have a central server running 2003r2 which is managing printers
for the servers. We have the option of manually amending the security rights
via the print management console however as we are looking to roll out 50
more servers with roughly 4 printers per server,  ...

I need to grant a user I created the "Log on as a Service" permissions.  On
my Windows 2K3SP2 Exchange 2K3SP2 server, I go to Local Security
Settings-->Local Policies-->User Rights Assignment--> and double-click Log
on as a service, the Add Users or Groups button is greyed out.  ...

We have a forest setup (all servers are win2003) where we have one
root domain controller (actresses.net) and one child domain
(hot.actresses.net) controller.
Root domain has an Enterprise CA installed, and we are trying to allow

Hey gents,
I'm having a weird NTLM issue with a Windows 2003 Server and wanted a
nudge in the right direction...  Any and all help is really
appreciated... :)"

This is probably a newbie question.  I'm testing a PKI deployment, and
has been wondering what the purpose of specifying different Issuance
Policies in the CAPolicy.inf file.
To illustrate my point, if I add the following strings into

I don't know if this is just limited to us but we have found installing
MS07-067 has killed RDP on the servers (2003 SP2)  where it has been
installed. Rolling it back fixed the problem.
For info MS.