Category: Windows Server/Client

ADFS 2019

ADFS 2019 what’s new:

ADFS 2019 on Windows server 2019 has just been release recently, but I do not recommend to put in production because you can discover some side effects with AADConnect, Office 365, MFA onprem server service running on the ADFS servers and your current federated-based applications not yet compatible (ie Cisco Webex, Cisco Jabber …)



Recently I am facing remote desktop login problem in on Windows 2003 Server.
While I am enter user name and password server give me logon error.

“The system cannot log you on due to the following error:
The RPC server is unavailable.
Please try again or consult your system administrator.


From another member server with admin rights,

open the eventvwr and connect remotely to the faulty server (application log): errors on UserEnv

then to solve this issue:

open the remote registry using regedit and connect to the faulty server remotely

then create this registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

Create a new Value selecting Dword and name it as IgnoreRegUserConfigErrors and give a value as 1

Reboot is not required.

Now try doing an RDP – it should work!


How to repair servermanager.exe on 2012 R2 ?

if servermanager crash and if there is an event on application event log:

Event ID: 1000
Faulting application path: C:\Windows\system32\ServerManager.exe
Faulting module path: C:\Windows\system32\wmidcom.dll


Rename the registry key HKLM\SOFTWARE\Microsoft\ServerManager\ServicingStorage\ServerComponentCache
Reboot to take effect then if KO remove the .old registry keys


# Try without doing anything bad

Stop-Computer -WhatIf

# Stop the local computer


# Try without doing anything bad on multiple systems

Stop-computer -ComputerName ‘computer1′,’computer2′,’computer3’ -whatif

# Stop multiple systems

Stop-computer -ComputerName ‘computer1′,’computer2′,’computer3’



Microsoft security compliance toolkit:

Il remplace Security Compliance Manager. Cet outil permet de planifier, créer, et monitorer des baselines de sécurité pour vos postes clients. Le remplacement a été choisi par Microsoft du fait de la complexité de SCM et de la difficulté à maintenir l’outil pour chaque version de Windows. Aujourd’hui, SCT ne supporte pas Desired Configuration Management de System Center Configuration Manager ou SCAP.

Other references:

2012 R2 hardening (CIS):

Windows 10 hardening:




How to change Users folder from default location to the D: drive ?


Note: You Change All Users Profile Path. For That You Have To Change “ProfileDirectory” Path From ProfileList key (see above). Its Applicable For New User Login !





To test SSL/TLS and much more you can use the free online tool from Qualys:

Third-party Tool:


Links related to TLS which I have consulted: Solving the TLS problem ==>

How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll ==>

TLS/SSL Settings ==>

Managing SSL/TLS Protocols and Cipher Suites for ADFS:


SSSD principle:

SSSD for SuSE (sles):


Troubleshooting SSSD:

Resolution:   id  <userid> ; getent passwd <userid>

Authentication: ssh <userid>@localhost


In addition to redhat guide, there are tones of interesting links: