This issue applies to Server 2003 schemas. Remember, your schema may be lower than your domain controller server version. So you're working through some policy issues and you find that your computer isn't picking up the proper password policy that you've applied, even though your machine is definitely part of the OU where the GPO is linked. You do an RSOP and see that the resultant policy is not applied and can't figure out why some things like password age or complexity are not being changed … [Read more...] about Password Policies such as Maximum Password Age are not being set by GPO
There are certain really helpful Event Logs that just aren't enabled by default. This KB will show you how to enable the Event Log ID 4740, which will really help with proactively managing accounts that belong to users who are having trouble with their passwords, getting locked out while trying to connect to a resource remotely, or an account just getting maliciously hammered and locked out because your policies in place are stopping them. You have Password Policies in place to lock out users … [Read more...] about Enabling Event Log ID 4740 – A User Account Was Locked Out
Every once in a while you'll run across issues with NTFS security that just can't be explained. You'll want to move folders, files into folders, or take ownership of a file but Windows Explorer just won't let you. Run these two commands and you'll get your ownership back. takeown /f S:\path/r /d y icacls S:\path /grant administrators: f /t If you are logged in as yourself, the first command will make you the owner. The second command will clear up any issues with administrators having … [Read more...] about An error occurred while applying security information – Access is denied
I was dealing with a security vulnerability and wasn't having much luck finding how to fix this issue online. I finally came across a few website posts that got me a little closer to what I was looking for. The full solution can be found below: Here's the report: Summary This host is running Remote Desktop Protocol server and is prone to information disclosure vulnerability. Vulnerability Detection Result Vulnerability was detected according to the Vulnerability Detection … [Read more...] about Vulnerability: This host is running Remote Desktop Protocol server and is prone to information disclosure vulnerability.
Here's the default username and password to Fortinets as well as most Fortigates: user: Admin password: (none) Hope this helps some of you guys. Cheers. … [Read more...] about Fortinet default username password
As an admin, you've got lots of devices that you log into using IP addresses and other pages that you access such as https://localhost. It gets annoying when you have to see "your connection is not private" a few times a day and then choosing to proceed anyway. Here's how to disable that: Copy this switch: [crayon-5a12bf82ecec1051969080/] Go to the properties of your Chrome shortcut. Most of the time this means right clicking on the shortcut and going to properties. In the "Target" … [Read more...] about Chrome: Disable the “your connection is not private” page
While doing some end of the year vulnerability scans, we were getting some web servers coming back with some potential security threats, all too common in the IT world. Looking for a faster method to patch up these holes, I came across a very neat little tool Call IIS Crypto made by the good people at Nartac Software. Their explanation of the tool: IIS Crypto is a free tool that gives administrators the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on … [Read more...] about Disable Vulnerable Ciphers, Hashes, Keys, using IIS Crypto
Are you using the latest release of WHMCS? Whether you're a hobby host just doing website hosting for extra coin or you're heavily invested in WHMCS to operate the core of your business, you should be. Just like Microsoft Updates nowadays, WHMCS updates have less to do with features and UI changes and more to do with patching security holes. Most all of releases for WHMCS are related to taking care of exposed security issues. Updates and security is such a big issue they have a special blog … [Read more...] about The Value of Updating WHMCS