Microsoft Active Directory Certificate Services [AD CS] Installation

Microsoft Active Directory Certificate Services [AD CS] provides a platform for issuing and managing public key infrastructure [PKI] certificates. On top of securing application and HTTP traffic the certificates that AD CS provides can be used for authentication of computer, user, or device accounts on a network.

Continue Reading

Active Directory Ports

In the series of posts this month we’ve been looking at network ports relevant to security administrators. This note explores the ports used for Active Directory (AD) communications, which is a topic particularly relevant for allowing AD traffic across a firewall. For instance, you may be wondering which ports to open to allow AD replication across internal subnets, or to allow an AD member server on a screened subnet to authenticate to a domain controller on another subnet.

Continue Reading

SCCM: Step by Step Walk-through Setup

Introduction

The environment used for setting up System Center Configuration Manager is a two server farm with one server acting as the Domain Controller and the second one will act as the SCCM Server with SQL Server 2016 installation. We will install SCCM on the same server as SQL Server for the time being. We can also extend the set up to a stand-alone SCCM server and SQL Server. The installation of SCCM is primarily divided into two sections:

  • Prerequisite installation
  • System Center Configuration Manager Installation
Continue Reading

Step by Step How to Installing and Configuring AD RMS in Windows Server 2016

Introduction

Active Directory Rights Management Services (AD RMS) Data leakage is the unauthorized transmission of information – either to people within the organization or people outside the organization – who should not be able to access that information. One of the major advantages of using AD RMS over other security features such as NTFS permission is that AD RMS permission travels along with the documents.

AD RMS integrates with existing Microsoft products and OS including Windows Server, Exchange Server, SharePoint Server, Microsoft Office Suite and Microsoft Azure.

AD RMS can protect data in transit and at rest. For example, AD RMS can protect documents that are sent as email messages by ensuring that a message cannot be opened even if it is accidentally addressed to the wrong recipient.

Continue Reading

Configuring and using Windows Deployment Services (WDS)

Windows Deployment Services (WDS) is a really interesting tool from Microsoft. It allows an administrator to remotely deploy Windows operating systems to machines booting from a network adapter.

In environments with a high number of clients WDS can be very useful, a new computer can be formatted just plugging the Ethernet, without any physical support like Windows DVDs or USB drives.

Continue Reading

Step-By-Step: Setting up AD FS and Enabling Single Sign-On to Office 365

This is a typical highly available setup into Office 365. Ideally this server will be installed as virtual servers on multiple Hyper-V hosts. Think about redundancy, not only in the virtual servers, but in the Hyper-V servers as well. Install one AD FS and one AD FS Proxy on one Hyper-V host and the other AD FS and AD FS Proxy on another Hyper-V host. This prevents loss of service from a hardware failure. Keep in mind that once you are using Single Sign-on with Office 365, you rely on your local Active Directory for authentication. Both video and printed steps have provided to ease your implementation of AD FS and SSO.

Continue Reading

How to Setup And Configure DNS Role on Windows Server 2016

Domain Name System (DNS), defined in several Request for Comments (RFC)documents, performs a single task: translating user-friendly hostnames to IPv4 or IPv6 addresses. The DNS serverin Windows Server 2016 works the same basic way as it does in Windows Server 2012 R2. However, the Windows Server engineering team added some worthwhile enhancements, including DNS policies and Response Rate Limiting (RRL).

Continue Reading