Can someone give me a comparison of the teaks that can be performed by
Enterprise Admins, Domain Admins and Schema Admins?
Thanks for your answer,
Werner

I've changed OldPasswordAllowedPeriod value in my DC registry to 0 but
still, after changing user password I can make LDAP bind with the old
one.
Did anyone manage to force NOT caching previous password with this

Hi, we're producing a system service for Windows Server 2008.  One of the
tasks of the service is to create a user and a group.  The service runs as a
minimally-privileged user created on installation.  This service user is
added to the Power Users group, as specified in the ...

How to renew the certificate issued by a standlone CA
Hi Everyone,
I have configured a standalone CA and issued ssl certificates
to end users who are Anonymous users All are made to requested through web

I have server 2008 and I want to download the Java program from www.java.com
I get a message saying I have a security issue with the server that will not
let me download the file.
Does anyone know what its talking about?

I've seen documents that say migrating from 32 to 64 bit IS possibile
and then i've seen several people say it is not.  Since 2008R2 is
64bit only, how can an orgainization handle upgrading their CA?
I have my CA on a 2003 SP2 box that I need to move to a 2008R2

My Windows Server 2003 Enterprise CA needs to renew its certificate. When I
klick on "Renew CA Certificate" it states that the CAmust be offline to do
this - no problem ==> Next.
Then I get a question if a want to renew the keypair and Yes I want to do

What does this defination mean?
If the policy set:domain member: Maximum machine account age :30 days, does
it mean the workstations and servers in a domain will drop off domain and it
needs to re-join the domain again every 30days?

I have shared a couple of drives administratively so they can be accessed by
\\server\drive$. On connection I am asked for a password. The server is a
windows XP Professional computer.
Using the server's built in administrator account I can have access, but

I try to recover a key from our CA. Now I have to assign the Certificate
Manager Role to my account, as described here:
http://technet.microsoft.com/en-us/library/cc779954(WS.10).aspx
But I have no clue how to do that. I search in the AD, local and in the

Restricting access to internal hosts
hi all!
i have a problem which i hope you can help me with. please see image located
here:

I'm trying to configure a hardening template for our servers and I've
got everything done except the registry component.
I've successfully configured the security settings for certain
registry keys, but what I cannot seem to find is I need to modify/

I am trying to find out if there is a way to stop Windows 2003 server from
using NTLM to authenticate a user if Kerberos isn't available or didn't
work. In other words, we want to use only Kerberos, but I read somewhere
that if Kerberos doesn't work Windows 2003 will try NTLM. Is ...

I accidently renew the CA Certificate from our CA. Now I like to delete
this new Certificate. I don`t mind the problems regarding dependencies
to other Systems.
Regards

I have several shares with permissions of Domain admins full control and
System special.
When staff try to access these folders they receive and access denied.
Which is great.  However, I've found that these staff can right