How to get LastLogon property for all users in a Domain (VBScript)

Hi all, The following VBScript sample retrieves all users in Active Directory that haven’t ever logged on the domain, or haven’t logged on for at least maxDays (an argument passed to the script): On Error Resume Next ‘ Constants ‘ Const ONE_HUNDRED_NANOSECOND = .000000100 Const SECONDS_IN_DAY = 86400 ‘ Get Max Days as an argument passed…

4

How to create a certificate request with CertEnroll (ASP)

Hi all, The other day I posted a Javascript sample which shows how to use CertEnroll COM component to create a certificate request and install the response from the CA (Certificate Authority): How to create a certificate request with CertEnroll (JavaScript). The installation part of that sample assumed that we got a Base64 text with the…

0

CryptUIDlgViewCertificate installs a CA certificate without my consent

Hi all The other day I posted How to view a certificate programatically (C#) which includes a C# sample that we can use to view a certificate with CryptUIDlgViewCertificate API. This API shows the same dialog that appears when we double-click on the cert file in Explorer. When testing the sample, I tried it on a…

0

How to view a certificate programatically (C#)

Hi all, The following C# sample shows a dialog to view a certificate and its properties. This is the same dialog that appears when we double-click on the cert file in Explorer. I’ll use CryptUIDlgViewCertificate API and its CRYPTUI_VIEWCERTIFICATE_STRUCT structure to achieve this:… using System.Security.Cryptography.X509Certificates; using System.Runtime.InteropServices; namespace MyNamespace { public partial class MyClass { ……

10

CRL gets cached after we do an Online verification with X509Chain

Hi all, When we use X509Chain class to verify if our certificate is not revoked, we may experience the following behavior: 1) We do an online verification (X509Chain.ChainPolicy.RevocationMode set to X509RevocationMode.Online) on a valid certificate and it works properly: X509Chain.Build returns true because the certificate is valid. 2) We clean the CRL cache with the following command: certutil…

2

How to create a certificate request with CertEnroll (JavaScript)

Hi all, The following Javascript sample shows how to use CertEnroll COM component to create a certificate request:<html> <head> <title>Certificate Request test</title> </head> <body> <object id=”objCertEnrollClassFactory” classid=”clsid:884e2049-217d-11da-b2a4-000e7bbb2b09″></object> <script language=”javascript”> function CreateRequest() { document.write(“<br>Create Request…”); try { // Variables var objCSP = objCertEnrollClassFactory.CreateObject(“X509Enrollment.CCspInformation”); var objCSPs = objCertEnrollClassFactory.CreateObject(“X509Enrollment.CCspInformations”); var objPrivateKey = objCertEnrollClassFactory.CreateObject(“X509Enrollment.CX509PrivateKey”); var objRequest = objCertEnrollClassFactory.CreateObject(“X509Enrollment.CX509CertificateRequestPkcs10”) var…

54

SHA-2 support on Windows XP

Hi all, If you try to use any SHA-2 algorithm (SHA-256, SHA-384 and SHA-512) on Windows XP, you may get the following error when using i.e. CryptCreateHash: NTE_BAD_ALGID or -2146893816 or 0x80090008 or “Invalid algorithm specified”. Same algorithms are supported on Vista, though. Can we use SHA-2 algorithms in Windows XP at all? The answer is yes, but…

16