In configuring the Microsoft Intune Certificate Connector and attempting to issue certificates to your client via Intune you might run into the error message below. IssuePfx – COMException: System.Runtime.InteropServices.COMException (0x80094800): The requested certificate template is not supported by this CA. (Exception from HRESULT: 0x80094800)at CERTENROLLLib.IX509CertificateRequestPkcs10V2.InitializeFromTemplateName (X509CertificateEnrollmentContext Context, String strTemplateName) at Microsoft.Management.Services.NdesConnector.MicrosoftCA.GetCertificate (PfxRequestDataStorage pfxRequestData, String& certificate, String& password) Failed to issue… Read more
Category: Servers
Servers power many organisations and are even making their way into homes (even if it is a simple NAS box). With more RAM then you could even imagine (I have to admit I’m a RAM addict) and processors that make the latest and greatest gaming PC look minuscule in comparison it is these mighty machines that make the world go round.
Detecting threats with inbound SSL (TLS) decryption
Today we have the answer to the question – Without SSL decryption how many threats/attempted vulnerability exploits/other bad stuff will I miss that are coming from the internet at my internally hosted (externally published) web sites and services? To run some simple tests (which will be detected as malicious attacks) I’m going to be running the Nessus scanner against a… Read more
Backing up a Palo Alto Networks Next Generation Firewall with PowerShell
For some time there have been plenty of examples of backing up Palo Alto Firewalls with curl commands (extracting the files using the XML API) however that may not sit well with some Windows administrators who want to use PowerShell. As such I’ve put together the BackupPANNGFWConfig repo on GitHub which contains the scripts to get ahold of the API… Read more
Server 2019 Network Policy Server (NPS) doesn’t reply to RADIUS requests
Bit of a crazy issue when deploying a new Ruckus wireless network – in first suspecting an issue with the controller software or perhaps some kind of access control list blocking traffic it turns out that the default Windows Firewall rule for allowing NPS traffic is broken in some fashion. Having tried this (and it working fine) on Windows Server… Read more
Remote Desktop Services – 2018 deployment (with Windows Server 2016)
After a great many years since Custom RemoteFX RDS Farm it’s time for something new! After much discussion and looking at the working practices at my current place of work we’ve decided to go all in with RDS and to support that we’ve got 3 new servers to run it on. 2x 1U rack mounts to go in our main server… Read more
uniFLOW Server Service (MomSvc) will not start
For a little while now we’ve had issues with the uniFLOW Server service (version 5.3) not starting in a timely fashion (2hrs+). After a harrowing tale of working with their support going in circles looking at issues with SQL Server and suchlike we worked out that the issue seemed to be caused by stale files at ‘C:\Program Files (x86)\Common Files\NT-ware… Read more
RDS on Server 2016, Failed: Unable to install the role services.
In putting together a small RDS (Session Based) environment on Server 2016 today today I kept running across the error message below during the installation. Failed: Unable to install the role services. After much back and forth between forums and event viewer it turns out our default policy to disable TLS 1.0 on servers was the issue. Enabling TLS 1.0… Read more
College IT Conference 2018 – Deploying and Managing Microsoft Services with PowerShell on Windows Server Core
Thanks to the organising committee of the (Oxford and Cambridge) College IT Conference 2018 held at the RAF Museum (Hendon) for the invite to talk about PowerShell and Server Core! As promised the video from the presentation is now up on YouTube; in addition the slides as PowerPoint and PDF can be seen below. <span class=”mce_SELRES_start” style=”width: 0px; line-height: 0;… Read more
IT Open Day at The Queen’s College, University of Oxford
With thanks to the 50 staff from across the University for attending please see below the links to the videos and PowerPoints of the day! Direct link to Playlist – https://www.youtube.com/watch?list=PLRxbdlgJzwyjAf820T0u4GpP0E01a9LEX&v=u-GVJ_0VuRM Slides as PowerPoint Slides as PDF Stay tuned over the coming days for the scripts that are mentioned through the video which will be linked to from this post.
Set OpenVAS to only scan hosts that reply to PINGs
In my environment all of our network connected devices are configured to respond to PINGs; this mainly comes about from using PRTG Network Monitor to confirm that devices and services are up even in the most simple of fashions. The same also applies to client PCs which through Group Policy are configured to reply to PING. Thus to save OpenVAS… Read more