We have a Sonicwall Firewall NSA 2600 and it is configured to not allow access to sites with SSL certificate issues, such as self signed, expired, untrusted, and so forth/

Beginning Monday morning, any attempt to access a Microsoft website is being blocked. First SSL block that occurs is untrusted root CA. I have triple checked and then triple checked the triple check and the Sonicwall does have the Baltimore Cyber Trust Root CA certificate installed and the serial number matches but it keeps saying Untrusted Root CA.

To get past that temporarily I disabled checking for untrusted Root CA and now it is giving an SSL block saying Certificate Chain Not Complete. I was able to find the correct intermediate certificate "Microsoft IT TLS CA 5" and imported it into the firewall certificate store. The serial number matches and the issued by is correct. However, the problem continues.

Is anyone else having any problems with Microsoft secure websites or have an idea of what to look at? I am very knowledgeable about SSL certs and certificate chains and such but this has me stumped.

This is affecting all Microsoft websites including Live.com, Bing, MSN, TechNet and MSDN any site that requires a secure connection.

How to export the members of a global security group in active directory such as VPN Users.  When I tried to export the list I got a list of all the global groups and not the members of the VPN users group.

I have a group of admins who didn't need to be Domain Admins. I removed them from the group and delegated permissions as needed. They have Edits settings, delete, modify security permissions to GPOs and can backup a GPO via the GPMC, but they cannot restore the GPO. Does anyone know the rights I need to grant and to what container to allow them to restore GPOs? Thanks.

https://www.cscollege.gov.sg/programmes/Pages/Display%20Programme.aspx?ePID=pe8r29gaqc5voaoitct59bdi3m

Referring to the above, I've been googling for IM8 (Instruction Manual 8 for ICT)
to download but can't locate one.  Anyone knows where to download a copy
without attending the training?  A slightly outdated (say 2 yr old) copy is fine.

Looking to set up "Honey token" or Trip Wire" in Windows PCs and servers.

I have read that you can use /NetOnly to dump fake username/passwords into Lsass.

How can I do this across the domain silently?

I want to display only the installed antivirus (in my case is the last item) and not all items of the collection, for example, it shows me:
Windows Defender
Malwarebytes
ESET Endpoint Security
So I added an ArrayList whose purpose is to display only the last Item which is: ESET Endpoint Security

wscript.echo GetAntiVirusName
Function GetAntiVirusName()
Set objWMIService = GetObject("winmgmts:\\.\root\SecurityCenter2")
Set colItems = objWMIService.ExecQuery("Select * From AntiVirusProduct")
On Error Resume Next
If Err <> 0 Then
	GetAntiVirusName = "No AntiVirus "
Else
	Set ArrayList = CreateObject("System.Collections.ArrayList")
	For Each objItem In colItems
		ArrayList.add objItem.displayName
	Next
End If
GetAntiVirusName = ArrayList(ArrayList.count-1)
End Function

Select all Open in new window

How to know if there is no antivirus installed by this function?
If you have any advice to go, I am at your disposal, to improve it!

Dear wizards, can you please recommend some best models of Firewall appliance?

The requirements are:
- Can detect and automatically block network attacks (IDS/ÍPS), virus, worms, volummetric ...

- Including routing, HA, failover features

- Reliable

On my new Windows 10 Home Laptop (1803 64 bit), I've done everything to disable the lock screen, but it continues to come up after the laptop has been idle - I think for 30 minutes.  Even when plugged in - set to never sleep, never hibernate, no screen saver, screen powers off after 15 minutes.  Disabled lock screen in registry.  In power options there is NOT the usual option to not ask for a password when resuming, but again, I have it set to never sleep or hibernate when plugged in and it still happens.  Any ideas to make the lock screen NEVER come up?  Maybe it is a good security setting, but I understand the risks and don't want it!

I need to copy a user profile in Windows 7 because my Mandatory Profile goal.  I created and logged into the new user (domain computer, local user without privileges), then I customize the profile (icons, registry itens, webpages...) So I restarted the computer and has logged with my domain admin account and Copy To for User Profile Is Greyed Out (Control Panel, Security, System...).
So I enable the local Administrator account and logged in. Same result: Copy To for User Profile Is Greyed Out.

I had read that simply copying the user folder manually and inserting it into the mandatory profile sharing could cause problems. So, how to do the right way?

We use Office 365 for Exchange. One employee's email account was compromised. HR received a request for changing direct deposit bank, from this employee's email address, and HR replied the email. But the request wasn't from the employee. The employee could receive all the normal emails, but not the ones related to this request.

How can we trace the original request email? How can we fix this issue?

hello all,

I am an owner of a small business in my town, I got infected by a ransomware, with .rapid extension, he wants a big ransom that I cant pay.
any solution for this version. please help.

I have a workstation getting numerous event 4624. Searching and I can see many different workstations attempting to login to this computer but the security id and process id give me no information. Anyone know what this could be?

Category: Logon
Message:  An account was successfully logged on.

Subject:
      Security ID:            S-1-0-0
      Account Name:            -
      Account Domain:            -
      Logon ID:            0x0

Logon Information:
      Logon Type:            3
      Restricted Admin Mode:      -
      Virtual Account:            No
      Elevated Token:            No

Impersonation Level:            Impersonation

New Logon:
      Security ID:            S-1-5-7
      Account Name:            ANONYMOUS LOGON
      Account Domain:            NT AUTHORITY
      Logon ID:            0x123C0FAA6
      Linked Logon ID:            0x0
      Network Account Name:      -
      Network Account Domain:      -
      Logon GUID:            {00000000-0000-0000-0000-000000000000}

Process Information:
      Process ID:            0x0
      Process Name:            -

Network Information:
      Workstation Name:      XXXXXX-PC
      Source Network Address:      192.168.1.59
      Source Port:            49324

Detailed Authentication Information:
      Logon Process:            NtLmSsp
      Authentication Package:      NTLM
      Transited Services:      -
      Package Name (NTLM only):      NTLM V1
      Key Length:            128

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field …