Problem Description: Windows Server 2008 R2 Domain controller is failing to boot. Error: STOP: c00002e2 Directory Services could not start because of the following error: The specified procedure could not be found Error status: 0xc000007a. Cause: Missing parameters, diagnostics and RID Values keys underneath hklm\system\ccs\services\ntds\ Resolution: Replace SYSTEM Registry hive in C:\Windows\System32\Config\SYSTEM with C:\Windows\System32\Config\Regback\SYSTEM. To […]

Read More →

Issue Statement: You have disabled a specific version of TLS/SSL using following registry as mentioned in https://support.microsoft.com/en-in/help/245030/how-to-restrict-the-use-of-certain-cryptographic-algorithms-and-protoc: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\<SSL/TLS version to disable>\Server When you run vulnerability scan in your environment, you still get disabled SSL/TLS version listed as enabled in the vulnerability report over a specific port (e.g. 4883) Action Plan: Capture following data: 1) Netstat […]

Read More →

Problem Statement: How to change the signature algorithm on CA (Certification Authority) Server from RSASSA-PSS to RSA256SHA? Cause: You have legacy clients e.g. Windows XP, Window Server 2003 cannot validate the RSASSA-PSS signature and this behavior cannot be changed by installing any Service Packs as well. RSASSA-PSS signatures are supported on Vista and later operating systems only. […]

Read More →