EventID.Net
 
home| search| account| evlog| eventreader| it admin tasks| tcp/ip ports| documents | contributors| about us 
 
Event ID/Source search
Event ID: Event Source:
Keyword search
Example: Windows cannot unload your registry file
EventID.Net Splunk Add-on

Splunk Add-onBuild a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.

read more...
 
Event ID: 36885 Source: Schannel
Source: Schannel
Maintenance: Recommended maintenance tasks for Windows servers
Type: Warning
Description:
When asking for client authentication, this server sends a list of trusted certificate authorities to the client. The client uses this list to choose a client certificate that is trusted by the server. Currently, this server trusts so many certificate authorities that the list has grown too long. This list has thus been truncated. The administrator of this machine should review the  certificate authorities trusted for client authentication and remove those that do not really need to be trusted.
English: Request a translation of the event description in plain English.
Concepts to understand:
What is Schannel?
Comments:
EventID.Net
See ME933430 for information about this event.
Click if the comment is good! x 29

SBS Diva
On Windows 2003 server with IIS, delete some of the trusted root certificates in the trusted root store for the machine that you are not using in your environment.

1. Add the Certificates snap-in to the Microsoft Management Console.

a. Click the Start button, click Run, type mmc, and click OK.
b. Click the File menu, and select Add\Remove Snap-in.
c. Click the Add button, then select the Certificates snap-in and click Add
d. Select Computer Account and click Next
e. Click Finish.
f. Click Close.
g. Click OK.

2. Expand Certificates (Local Computer).
3. Expand Trusted Root Certification Authorities.
4. Click on Certificates.
5. Backup and then delete trusted root certificates that you are not using in your environment.

NOTE: There are some root certificates that are required by Windows. See ME293781 to see the trusted root certificates that are required by Windows Server 2003, by Windows XP, and by Windows 2000.
Click if the comment is good! x 26

Simon Tremblay
Note In Windows Server 2003, the issuer list cannot be greater than 0x3000. When you update root certificates, the list of trusted CAs increases significantly in size and may cause the list to grow too long. The list then gets truncated and may cause problems with authorization. See ME931125 for details.
Click if the comment is good! x 31
Private comment: Subscribers only. See example of private comment
Links: ME293781, ME931125, ME933430
Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...
Feedback: Send comments or solutions - Notify me when updated

Printer friendly

  • Subscribe
    SubscribeSubscribe to EventID.Net now!
    Already a subscriber? Login here!

 





 

 

Recommend Us


  • Quick Tip
    Connect to EventID.Net directly from the Microsoft Event Viewer!
    Instructions


Customer services

Contact us
Support
Terms of Use

Help & FAQ

Sales FAQ
EventID.Net FAQ
Advertise with us

Articles

Managing logs
Recommended books
Newsletter

Links

Follow us on Facebook
Firegen Log Analyzers
Link to us


© Copyright 2001-2017 EventID.Net