Security #How to encrypt 7zip folders using as repository

If you have necessity to protect some folders using passwords/encryption using as single repository (where copy/modify/delete folders/Files) consider that 7zip has a simple feature that permit to get this result.

An alternative way is using EFS (more secure) or attaching .VHD file and proceeding, furthermore, to apply bitlocker encryption.

Here they are related articles useful to go deeper on this topic.



7zip, EFS

 https://helpdeskgeek.com/windows-10/how-to-password-protect-a-folder-in-windows-10/

Bitlocker e VHD

https://www.tenforums.com/tutorials/138500-create-bitlocker-encrypted-container-file-vhd-vhdx-windows.html



Posted by
Labels:

Server - MMC GPO Security Options errors - MMC cannot initialize the snap-in

Using MMC snapin, on windows server (in my case on 2016 version), basically managing GPOs, you might face below errors.

I get the error message stated in the subject line whenever I try to open Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> from GPO.



I found three alternatives to manage this error:

Option 1

  1. This was broken with the September 8, 2020—KB4577015 update. currently the only solution is to uninstall it.

    https://community.spiceworks.com/topic/2291581-windows-2016-mmc-snap-in-error

  2. Then install KB4571694, reboot and try again or patch KB4580346 (I did not investigate at 100%)

    https://community.spiceworks.com/topic/2291581-windows-2016-mmc-snap-in-error

    https://learn.microsoft.com/en-us/answers/questions/124913/server-2016-mmc-has-detected-an-error-in-a-snap-in
Option 2
  1. Export REG key:

    reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SecEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLockedUserId" C:\Temp\DontDisplayLockedUserId.reg

  2. Deleting REG key

    reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SecEdit\Reg Values\MACHINE/Software/Microsoft/Windows/CurrentVersion/Policies/System/DontDisplayLockedUserId" /f

  3. Change GPO 

  4. Reimport Register key
    Double clicking here
    C:\Temp\DontDisplayLockedUserId.reg
  5. Original article: 

    https://learn.microsoft.com/en-us/answers/questions/124913/server-2016-mmc-has-detected-an-error-in-a-snap-in
Option 3

  1. On a full patched server or PC install RSAT and solve problem in this way
    https://www.alessandromazzanti.com/2019/05/windows-10-how-to-install-rsat-on.html

  2. Server - How to Execute RSAT snapins with different users without server/client logon necessity
    https://www.alessandromazzanti.com/2017/10/server-how-to-execute-rsat-snapins-with.html

REFERENCES
Posted by
Labels: , , , ,

Tutorial - PFX to PEM certificate exporting procedure #HOW TO

If you have necessity to transform .PFX certificate to .PEM files you have to follow a specific procedure:

Consider that PFX file is a certificate, in PKCS#12 format, it contains SSL certificate (public keys) and corresponding private keys.
Be aware that a PEM file is a text file, containing one or more items, in Base64 ASCII encoding, each with plain-text headers and footers (e.g. -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----)

Here they are steps that you should take place

  1. Install OpenSSL
    https://slproweb.com/products/Win32OpenSSL.html

  2. Copy .pfx files in same folder where OpenSSL.exe is located

  3. First case: To convert a PFX file to a PEM file that contains both the certificate and private key:

    Launch below commands:
    openssl pkcs12 -in original_certificate.pfx -nocerts -out Exported_certificate_private_key-encrypted.key

    (you will be prompted to insert original password and new one)

    openssl pkcs12 -in original_certificate.pfx -clcerts -nokeys -out Exported_certificate_private_key-encrypted.crt

  4. Second case: How to convert PFX file to PEM file (that contains both certificate and private key):
    openssl pkcs12 -in original_certificate.pfx -out Exported_certificate.pem -nodes

    (you will be prompted to insert original password and new one)
[Original articles]



Posted by
Labels: ,

Server - Dell how to install idrac license

I am taking note a simple Dell article that, well explain, on how proceed to install idrac Dell license

https://www.dell.com/support/kbdoc/en-uk/000145345/poweredge-how-to-manage-an-idrac-license-via-the-web-interface?lwp=rt

Posted by
Labels:

Veeam - Free Guide "Vmware Backup For Dummies"

Veeam give you ability to freely download Vmware Backup dummies edition.

It is simple necessary to insert, on web form, few personal/working information and download link is available.

English version

https://go.veeam.com/wp-vmware-backup-for-dummies

Italian Version

https://www.veeam.com/it/wp-vmware-backup-for-dummies.html

On blog you can review old blog posts at below link:

https://www.alessandromazzanti.com/search/label/Veeam





Posted by
Labels: , , ,

Teams - New version faster and with less memory usage

Microsoft, released, during these days, a new Teams versions that it should be decisevely faster and with less memory usage.

This is official Microsoft article.

Here you can find other blog teams related articles:

Teams - How to disable message reading acknowledgement

Citrix - Teams installation & Remote Assistance Request/Offer limitation


Posted by
Labels: ,
Subscribe to: Posts (Atom)