Quantcast
Channel: Security and Compliance Management forum
Viewing all 481 articles
Browse latest View live

Security Compliance Manager 4.0 downloaded - no release notes

August 4, 2016, 5:08 pm
$
0
0

I downloaded Security Compliance Manager version 4.0 yesterday. (About shows Version 4.0.0.1 Setting Library Version 2.0.82001). I was prompted to upgrade when I started SCM up. However when I click on the release notes, it take me to the website with the SCM 3.0 release notes http://go.microsoft.com/fwlink/?LinkId=179814. A quick google, and I can't find any news about this release.

Question: does any ones have a link to the actual SCM 4.0 release notes / changelog. There do not appear to be newer baselines available at this point as I get referred to already downloaded baselines when I hit "Download Microsoft baselines automatically"

Start of webpage as it stands today

Version History

SCM v3.0.60.0 (January 28, 2013)



In addition to key features from the previous version, SCM 3.0 offers new baselines for Windows Server 2012, Windows 8, and Internet Explorer 10! SCM enables you to quickly configure and manage computers and your private cloud using Group Policy and Microsoft System Center Configuration Manager.

Search

SCM 4.0 - Adding settings from "Windows 10 version 1511" - 0 settings Available

August 11, 2016, 12:28 pm
$
0
0

Hi,

So similar issue to the Associate bug that can be "fixed" with a work around from:

https://secpfe.com/wordpress/en/2016/08/01/scm-issue-workaround-0-unique-settings-from-the-gpos-xxx-unique-settings-apply-to-this-product/

NOTE: this didn't fix my issue.

I'm having an issue simply adding a setting from a baseline... It seems there  is a problem with the way the baselines are being imported into the tool and database.... When i try to add a setting from "Windows 10 version 1511" it tells me that 0 settings Available... Yet if i choose, win7 or win8,  it works fine.. Same issue with "Exchange server 2007 sp3" and "exchange server 2010 sp2"

I've been digging around in the database to see if i can work out a way to hack around the issue but have not had any success...

It seems that the Table "dbo.PrePopulatedProductAndCceIDForSetting" does not have the proper ProductID for what is being queried with stored procedure "dbo.GetSettings". Also I searched "dbo.Setting" for a Windows 10 only GPO, then recorded that SettingID. I tired finding that particular SettingID withink "dbo.PrePopulatedProductAndCceIDForSetting" and it does not exist..

At this point i have no idea on how to proceed....

Any suggestions?

LGPO Compatibility issues

August 16, 2016, 5:23 am
$
0
0

Dear All,

I installed SCM (Security compliance Manager). LocalGPO setup installed from C:\Program Files (x86)\Microsoft Security Compliance Manager\LGPO, Open with Run As administrroatr, its saying " This tool only run windowsxp, server 2203, vista, server 2008 R2 or windows8, Server2012. Can you please help to resolve this issue.

Applying Security Templates

September 11, 2016, 2:12 am
$
0
0

I just installed security compliance manager.

When I select a security settings I cant seem to make changes and all options are greyed out.

How can I apply the security template to a non domain joined workstation? and How can I scan a computer if it has adherent security settings to the template baseline I created?

For God, and Country.


Security Compliance Manager 3.0 "The data could not be exported to Excel" (Office 365 complication)

February 26, 2015, 11:01 am
$
0
0

Situation: *I have a bad feeling there is no actual fix for this other than to uninstall and install msdn office 2013 instead... but, I am posting this not only for posterity/Internet searches, but also for the Developers of the SCM 3.0.  

I am posting this so that they know they will need to readdress their workmanship of the macro-based Excel Compare; since, to assume that everyone has Macros turned "on" in the first place is a VERY BAD assumption, but also if/when there are problems in adding VBA/"Always On Macro Support - as in some Admins won't allow this in their environment because Users are stupid and click on anything"... it would behoove them not to assume that such an environment exists; they should develop their tools for the "Least Privileged User" and the Most Restrictive setup of toolsets...  Don't "Ass-u-me".

Win 7 workstation - domain joined, I am a domain admin, but running the tool on desktop as User

SCM 3.0, Office 365 (FYI... you absolutely no control over Excel/Office Tools "Features" in Office 365. You "should have" Visual Basic for Applications available for Macros to work correctly from the Solution Accelerator.  But you have no way of knowing whether or not it is actually installed and/or working when its Office 365, due to only "Repair" or "Uninstall" options are available.  "Change", i.e., "Add or Remove Features" is not available in the 365 version.)

**************OK, with that said and off my chest ***********************

Have 2 GPOs imported, ready to "Compare/Merge".  In the Compare/Merge Screen, click on Export to Excel > Excel Opens, however:

It prompts you to "Export to Excel" which is actually a "Save As" dialog box... which defaults to My Documents (first Screenie) and give you the error (seen in second screenshot).  Compare/Merge pops open a "CompareExport.xlsm" file which is supposed to AutoLaunch via an Excel Macro and show you your settings.

The file has no data.

***UPDATE: I don't know if this will work for others?  But I chose "Desktop" lastly, and it finally worked /sigh effing sigh...

I am not about to solution their own product for them; but it seems (guess) that perhaps there is a "security feature" in regards to "where" exactly you are trying to save the file?  WHo knows... Just keep messing about, you may have luck...

Grrrrrrr

Configuring DISA STIG Group Policy Settings for Windows 10

March 3, 2016, 5:49 pm
$
0
0

I am looking at the best way to configure the DISA STIG group policy settings for Windows 10 Enterprise. Ideally DISA would provide a official group policy backup /template file with all the settings configured in their STIG files, allowing administrators to easily import the complete set of settings directly into an actual GPO for testing / deployment.

Unfortunately I have checked with DISA and they indicated they do not provide an actual GPO backup, they indicated that administrators must configure the settings themselves based on their guidance in the STIG. So this appears to mean the only way to get the STIG settings into a actual GPO is to manually configure each of the 200+ settings in the GPO.

I am wondering if anyone is aware of a better or easier way to configure/import DISA STIG settings into a GPO. I see other threads on this regarding using the Microsoft Security Compliance Manager to somehow accomplish this but I have yet to find a solution that would actually work in this scenerio.

DISA provides a Manual-xccdf.xml file which contains all the STIG settings and that is able to be imported into STIG view application as well as other compliance tools. Unfortunately this file can't be imported into the Microsoft SCM to allow a backup to be created.

Is anyone aware of a way to import this xccdf content into the Microsoft SCM? 

Secuirty Compliance manager administrative template

September 14, 2016, 9:14 am
$
0
0

The security compliance manager is recommending to disable WDigest as part of the domain controller policy. This policy setting references an SCM administrative template. Could someone advise where I can find this template to import?

Thanks

Paul Glickenhaus

Paul Glickenhaus

Cannot send receive live.com e-mails

September 17, 2016, 5:00 pm
$
0
0

Using windows 10 and Microsoft Outlook 2010

Cannot send or receive e-mails using live.com because I am getting the following error messages

400126

41004

error 3219

Any help would surely be appreciated as I am so frustrated after trying everything I know

Also, I cannot sync Outlook calendar between our two computers.

Thanks in advance for your help.  HankL

HankLask

Search

Security Compliance Manager - Templates for Windows Server 2012 r2

September 28, 2016, 3:15 am
$
0
0

Hello,

I am trying out the security templates from Microsoft Security Compliance Manager 4. I could not help to noticed that server security templates for Server 2003 SP2, 2008 R2 Sp1, 2008 SP2, 2012 have templates for different roles. However I could only find a Domain Security, Member Server and Domain Controller for Server 2012 R2.

I was wondering where I could find the templates for 2012 R2, I have the latest updates for SCM 4 (Security Compliance Manager).

Any ideas?

For God, and Country.

Urgent - please help!!!!!!

October 27, 2016, 9:49 am
$
0
0

Hi there, 

Normally I use my cell phone to check my email, my account is   lydialliu@hotmail.com

All of sudden, on last Saturday, the pop message kept saying as it looks like someone else using your account.  I know nobody using my account, only I use it. I followed instruction to submit a few new form to recovery my account over and over, every time they said the automated system has determined that the information I provided was not sufficient for them to validate my account ownership.

 

I created this account when I was in school about 20 years ago, I can't remember those information when I registered this account.  I keep using it as my major personal account for more than 20 years; my important financial data are inside of this email account. I need to access this account anyhow.

I have all my information including my tax returns in this sub-folder, and all my membership information, I need it ASAP. 

Please, please help me - I am desperately to access this account. I also need the information from this account to renew my license which will be expired shortly. 

Thank you so much!

Please help me by using my alternative email account as of lydial18@hotmail.com

Thanks a lot!!!!!!


Having problems installing Microsoft Security Compliance Manager

November 8, 2016, 2:31 am
$
0
0

Having major problems installing Microsoft Security Compliance Manager.

Tried on Server A and encountered Error 1603 when installing on existing sql express 2008r2 instances

Therefore tried to add a new instance in sql express and still encountered Error 1603 error after some time, therefore decided to remove all sql express instances and sql server express, I then installed the Microsoft Security Compliance Manager. afresh and now once the installation start I eventually get an error message: Unknown error (0x84b40000)

I have even tried to install this on another server without sql server express installed and encounter the same error: Unknown error (0x84b40000)



space536

I have also referenced the log file being generated on failure;

Overall summary:
  Final result:                  SQL Server installation failed. To continue, investigate the reason for the failure, correct the problem, uninstall SQL Server, and then rerun SQL Server Setup.
  Exit code (Decimal):           -2068578304
  Exit facility code:            1204
  Exit error code:               0
  Exit message:                  Network Service or Local Service account is not permitted for the SQL Server service on a domain contoller. Specify a different account.
  Start time:                    2016-11-08 11:37:25
  End time:                      2016-11-08 11:37:40
  Requested action:              Install

Referencing the Exit Message: I am unable to define the Network Service or Local Service when installing Microsoft Security Compliance Manager 

Software Compliance

November 8, 2016, 8:58 pm
$
0
0

Please tell that whether these softwares are licensed or Freeware ?

Active Directory Management Pack Helper Object

CA ARCserve Backup
Microsoft Data Access Components KB870669
Microsoft System Center 2012 - DPM Protection Agent
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
MSXML 6.0 Parser
NSClient++ (Win32)
NSClient++ (x64)
System Center 2012 - Operations Manager Agent
Trend Micro OfficeScan Agent
VMware Tools
Windows Assessment and Deployment Kit for Windows 8.1 Preview
Windows Internet Explorer 10
Windows Internet Explorer 6
Windows Resource Kit Tools - FRSDiag.exe
Windows Support Tools



Windows 10 1607 template

November 9, 2016, 2:02 am
$
0
0
The .cab file still not released? How to follow SCM developement? I downloaded large .zip with lot of stuff of W10 1607 and Server 2016, but dunno what to do with it.

Windows 10 - Outlook 2010 emails aren't sent

July 30, 2015, 2:08 pm
$
0
0

Just upgraded to Windows 10 and Outlook 2010 won't send emails.  It will receive messages OK. All the settings are correct and when I set up a new account I can send a test message via the set up system.  The test message is received on other devices as well as my desktop.

However, when I try to send a new mail I get an error saying 'Cannot connect to the network' error 0x800CCC13.  I have tried installing and reinstalling office 2010, I have tried setting up a new email addresses on different servers nothing appears to work.  I have attempted to send with my firewall off again no joy.

Outlook 2010 worked fine in Windows 8.1

Any suggestions?

GPO Backups - Import + Merge + Export problems

January 9, 2013, 4:37 pm
$
0
0

Hi guys,

I've been having a weird issue with SCM that I hope you can shed some light on.

Scenario:
Via GPMC:
* Backup Group Policy A to a folder.
* Backup Group Policy B to a folder.

Via SCM
* Import Group Policy A.
* Import Group Policy B.
* Compare/Merge GPOA to GPOB.
* Merge Baselines as "Group Policy A v2"
* Export to GPO Backup (folder) "Group Policy A v2 (SCM Export)"
- Successful, but some setting were dropped "as they are were not configured". eg: 

Setting Name: NoChangingWallPaper , UI Path: Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop , CCEID: 
Setting Name: DisablePersonalDirChange , UI Path: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer , CCEID: 
Setting Name: NoThemesTab , UI Path: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer , CCEID: 
Setting Name: fEnableTimeZoneRedirection , UI Path: Software\Policies\Microsoft\Windows NT\Terminal Services , CCEID: 
+ a few more

* Import GPO Backup "Group Policy A v2 (SCM Export)" (i.e. the same one that we just exported)
* Compare/Merge "Group Policy A v2" to "Group Policy A v2 (SCM Export)"

Result:
- Settings that differ: 0
- Settings that match: 43
- Settings only in Baseline A: 28
- Settings only in Baseline B: 39

For some reason the exported GPO doesn't match the merged baseline GPO.

Version Info:
SCM v2.5.40
Software Library: v1.5.21101

I've emailed a copy of the GPMC Backups to secwish@microsoft.com, referencing this thread.

Any thoughts about why the merged, exported then imported GPO doesn't match the merged baseline?

Thanks & Regards,
Tim

Search

Running Hyper-V on Windows 7!

December 24, 2009, 6:45 am
$
0
0
I know this might sound like a silly question, but its only cuz im still new to the whole virtualization technology!

Suppose i have a pc that runs windows7, is it possible to install Hyper-V on top of it?

thank you all in advance

Hyper V with VM Ware

May 8, 2014, 2:34 pm
$
0
0

First off, i'm new to the whole virtualization thing. So i'm working on setting up some labs on my home PC. This is teh PC set up.

Asus F1A55-M LE board with an AMD A6-3650 APU quad core, Windows 7 Professional, 4g Ram and I am using VMWare's VMware Player. I've also updated the BIOS to the latest version.

I have installed Server 2008 R2 SP1 with no problems. I can add roles, etc, all of that works. However, I cannot get get Hyper Visor to work after installing the role. No matter what I do, unisntall the role, reinstall it, delete the host VM machine and create a new one, the same two items show up in the device manager.

Virtual Machine Bus and Virtualization Infrastructure Driver. Both show the same following error.

Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)

I've tried updating the Server install, all 156+ windows updates. Still no change. Tried locating the drivers on the Server image file, states I already have the latest working version. When checking the Event viewer, they both read this;

'Virtualization Infrastructure' driver required by the Virtual Machine Management service is not installed or is disabled. Check your settings or try reinstalling the Hyper-V role.

Log Name:      Microsoft-Windows-Hyper-V-VMMS-Admin
Source:        Microsoft-Windows-Hyper-V-VMMS
Date:          5/8/2014 5:21:35 PM
Event ID:      14098
Task Category: None
Level:         Error
Keywords:      
User:          SYSTEM
Computer:      WIN-2I0PJCH7JHI
Description:
'Virtualization Infrastructure' driver required by the Virtual Machine Management service is not installed or is disabled. Check your settings or try reinstalling the Hyper-V role.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Hyper-V-VMMS" Guid="{6066F867-7CA1-4418-85FD-36E3F9C0600C}" />
    <EventID>14098</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2014-05-08T21:21:35.723425800Z" />
    <EventRecordID>17</EventRecordID>
    <Correlation />
    <Execution ProcessID="1296" ThreadID="1648" />
    <Channel>Microsoft-Windows-Hyper-V-VMMS-Admin</Channel>
    <Computer>WIN-2I0PJCH7JHI</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <UserData>
    <VmlEventLog xmlns:auto-ns2="http://schemas.microsoft.com/win/2004/08/events" xmlns="http://www.microsoft.com/Windows/Virtualization/Events">
      <Parameter0>Virtualization Infrastructure</Parameter0>
    </VmlEventLog>
  </UserData>
</Event>

I've searched TechNet and Google. Found a few items that were close to my issue, but nothing exactly. 

All i'm trying to accomplish is, to have one virtual PC using Hyper V and the Server running in the VM Player so I can play.

Any idea's why these two drivers will not start? I've even downloaded multiple copies of the Server 2008 R2 from Microsoft.



Audit Success Logs!!

November 24, 2016, 4:49 am
$
0
0
Hi, I recently signed up a Windows 2008 R2 SP1 server. I have then come to notice at the event logs, "Audit success" successful logon attempts from the Microsoft Windows Security Auditing,, specifically 4624(4), 4634(1), 4648(1), 4672(4) and 4776(3) within the last hour. However I have only logged on once to the said server!!! I am now wondering if they are or have been attempts to infiltrate my server and what these entries mean and how I can ensure that my server is safe from any would be attacks. Kindly assist as I am not very familiar with server security. Thanks.

PCI Compliance & Sweet32 vulnerability.

December 12, 2016, 7:24 am
$
0
0

Recently our our PCI Compliance vendor is failing our Exchange 2013 server on port 25 & 443 for the Sweet32 vulnerability.

Any input on mitigating the issue (without breaking mail flow) would be appreciated.

below is the ciphers we are getting flagged for.

Block cipher algorithms with block size of 64 bits (like DES and 3DES) birthday attack known as Sweet32
Cipher Suite
TLSv1 : DES-CBC3-SHA
TLSv1_1 : DES-CBC3-SHA
TLSv1_2 : DES-CBC3-SHA

Thanks in advance!

patch complaince

January 17, 2017, 8:53 pm
$
0
0

i need some advice on how to get this to work. Not sure if this needs to go into the SCCM forum but i will ask here first

I have duplicated the Win7SP1 Extended DCM Checks and just set the Patch Management section to Severity=Critical and Enabled. I exported it to SCCM 2007 .cab, imported it into SCCM 2012 and deployed it. I run it and it tells me i am compliant but i know the PC is not.

Is anyone able to advise the best way to do this so that i can check compliance against MS for missing patches via DCM?

Viewing all 481 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>