Unknown Identity
Unknown Identity 28.03.2011 16:24 (GMT+2) Internet Explorer strict revocation checking

Unfortunately there is no such option. There is setting that will permanently block connection to a HTTPS web site with invalid certificate, but not for mentioned case.

Unknown Identity
Unknown Identity 28.03.2011 15:54 (GMT+2) Internet Explorer strict revocation checking

>Of course systems administrators MUST instruct their users what to do when they see this message. Problem is: any security measure that depends on user actions - will fail. For high security environments there should be an option to simply deny access to sites that have some problems with certificates. Vasily

Unknown Identity
Unknown Identity 21.02.2011 12:47 (GMT+2) Share management in PowerShell

How fun! I linked to this on last weekend's weekly roundup and am just now getting around to letting you know. (I guess we were busy celebrating Easter!) Thanks so much for sharing!

Unknown Identity
Unknown Identity 19.02.2011 07:26 (GMT+2) Web server certificate enrollment with SAN extension

Ok, I'll check TechNet again. Probably this is the case.

Unknown Identity
Unknown Identity 19.02.2011 05:19 (GMT+2) Web server certificate enrollment with SAN extension

Vadims, generally good article but I think you misunderstand the purpose of EDITF_ATTRIBUTESUBJECTALTNAME2. This flag allows a user to submit a request to the CA with specifying additional attributes containing a SAN. This is actually a very sensitive operation and not recommended to be turned on. You really only want to do this if your templates require manager approval. You should not need to turn this flag on if the certificate request itself contains the SAN extension.