Domain Controllers no longer automatically renew certificates after configuring “Certificate Services Client – Auto-Enrollment” via GPO

This requires a fairly specific configuration to occur but I didn’t see this documented anywhere so I figured I’d write about it. If you run your own Enterprise Certificate Authority using the Active Directory Certificate Authority and have used the default ‘Domain Controller’ template you may run into this problem. By default, it does not … Read more

ERROR_SXS_ASSEMBLY_MISSING (0x80073701) on Windows Server 2019

Update 2024-02-28 From Nate in the comments: If you find the script is not solving the problem for you, purge the contents of C:\Windows\Logs\CBS\, reboot and try running the script again. Original Article We’ve run into a strange problem with our Windows Server 2019 VMs where sometimes when we clone a new VM from our … Read more

Script for detecting potentially vulnerable Log4j jars [CVE-2021-44228] on Windows Server

Update 2021-12-18 – This looks like a much more competent script for detecting this vulnerability and there is a python version for Linux: https://github.com/CERTCC/CVE-2021-44228_scanner Updated 2021-12-17 – Script is v1.4 and looks for .war files now too Original post below Inspired by the one-liner here: https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b#find-vulnerable-software-windows I wrote a script to expand on the command, … Read more

Windows Defender Advanced Threat Protection Service will not start after November 2021 updates

Update – 2021-12-15 – I can confirm that the December Windows Updates have fixed this issue for us.   After installing OS updates on all of our servers in November 2021 we ended up with three servers, all running 2019 Core and all Domain Controllers, where the Windows Defender Advanced Threat Protection Service would not … Read more

Is enabling SMB Signing on your NetApp a non-disruptive change?

We received the following alert from our ActiveIQ Unified Management Appliance (and a similiar one in ActiveIQ / AutoSupport): Alert from Active IQ Unified Manager: Advisory ID: NTAP-20160412-0001 You can find more details here: https://security.netapp.com/advisory/ntap-20160412-0001/ After reviewing it, fixing it seemed like a straight forward change but I wanted to know, is enabling SMB signing … Read more