failing to retrieve CRL from certificate server using new LDAP Serv

Subject Author Date
failing to retrieve CRL from certificate server using new LDAP Serv Mr555 08-22-2006
Posted by Mr555 on September 4, 2006, 6:52 pm
I am running out of ideas. I enabled anonymous access and it still won't work
under Windows 2003 Server.

I asked Netscreen support; they said they do not support Microsoft products.

"S. Pidgorny <MVP>" wrote:

> I'm sure you can authenticate the LDAP connection from Netscreen and not
> enable anonymous LDAP binding.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> > Hello Paul
> >
> > Thank you for your answer to my questions. I think you may be right; I find
> > this article is exactly what you said
> > http://www.windowsitpro.com/Article/ArticleID/46573/46573.html
> >
> > I will
> >
> > "Paul Adare" wrote:
> >
> >> microsoft.public.windows.server.security news group, =?Utf-8?B?
> >>
> >> > We have another Windows 2000 replica DC server; it is called "Spoon". The
> >> > IP address of Spoon is 192.168.1.3. I specify the IP address
> >> > 192.168.1.3 on the certificate setting > LDAP on our Netscreen
> >> > VPN/firewall. The automatic CRL retrieval works.
> >> >
> >> > After this test I suspect there may be some default security setting
> >> > that may have disallowed Netscreen from communicating with our Windows
> >> > 2003. Do you know, or is there any setting I need to be aware of?
> >> >
> >>
> >> Windows Server 2003 domain controllers do not allow anonymous access to
> >> the directory by default unlike Windows 2000 domain controllers.
> >>
> >> --
> >> Paul Adare - MVP Virtual Machines
> >> It all began with Adam. He was the first man to tell a joke--or a lie.
> >> How lucky Adam was. He knew when he said a good thing, nobody had said
> >> it before. Adam was not alone in the Garden of Eden, however, and does
> >> not deserve all the credit; much is due to Eve, the first woman, and
> >> Satan, the first consultant." - Mark Twain
> >>
>
>
>

Posted by Brian Komar [MVP] on September 4, 2006, 11:34 pm
@discussions.microsoft.com says...
> I am running out of ideas. I enabled anonymous access and it still won't work
> under Windows 2003 Server.
>
> I asked Netscreen support; they said they do not support Microsoft products.
Time to get rid of the netscreen or change the permissions to allow
anonymous access to the CDPs in AD
Brian
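
Added example, not part of the thread: a parser for the LDAP CDP URL carried in a certificate, showing which directory object, attribute and scope a device such as the Netscreen requests, so any anonymous read permission can be limited to that one object. The sample URL follows the default layout AD-integrated CAs publish, but its CA name, server name and domain are constructed placeholders, and `parse_ldap_cdp` and `anonymous_probe_command` are hypothetical helper names.

```python
from urllib.parse import urlsplit, unquote
import shlex

# Constructed sample: CA name, server name and domain are placeholders.
SAMPLE_CDP = ("ldap:///CN=Example-CA,CN=CA01,CN=CDP,CN=Public%20Key%20Services,"
              "CN=Services,CN=Configuration,DC=example,DC=local"
              "?certificateRevocationList?base?objectClass=cRLDistributionPoint")

def parse_ldap_cdp(url):
    """Split an RFC 4516 LDAP URL into host, DN, attributes, scope and filter."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: %r" % url)
    # Fields after the first '?' are positional: attributes ? scope ? filter
    fields = (parts.query.split("?") + ["", "", ""])[:3]
    attrs, scope, flt = (unquote(f) for f in fields)
    flt = flt or "objectClass=*"
    if not flt.startswith("("):          # AD-published URLs omit the parentheses
        flt = "(%s)" % flt
    return {
        "scheme": parts.scheme.lower(),
        # 'ldap:///' has no host: the client must be told which server to ask,
        # which is what the LDAP server setting on the device supplies.
        "host": parts.hostname,
        "port": parts.port,
        "dn": unquote(parts.path.lstrip("/")),
        "attributes": [a for a in attrs.split(",") if a],
        "scope": scope or "base",
        "filter": flt,
    }

def anonymous_probe_command(url, server=None):
    """Build the equivalent anonymous OpenLDAP ldapsearch command line."""
    p = parse_ldap_cdp(url)
    host = p["host"] or server
    if not host:
        raise ValueError("URL names no host; pass the LDAP server explicitly")
    if p["port"]:
        host = "%s:%d" % (host, p["port"])
    # -x with no -D/-w performs a simple bind with no identity (anonymous).
    argv = ["ldapsearch", "-x", "-H", "%s://%s" % (p["scheme"], host),
            "-b", p["dn"], "-s", p["scope"], p["filter"]] + p["attributes"]
    return shlex.join(argv)

if __name__ == "__main__":
    # 192.168.1.3 is the directory server address quoted in the thread.
    print(anonymous_probe_command(SAMPLE_CDP, "192.168.1.3"))
```

Running the printed command from a workstation against each domain controller shows whether that server answers the same unauthenticated query the device sends.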

Posted by Mr555 on October 8, 2006, 7:48 pm
I have finally logged a support call with Netscreen; they are investigating, so
I will update this thread once I get more info.

Thank you for all the help and suggestions

Regards

555

"Brian Komar [MVP]" wrote:

> Time to get rid of the netscreen or change the permissions to allow
> anonymous access to the CDPs in AD
> Brian
>
