Monthly archives: February 2006

Timothy

Administrative Template for Configuring SCHANNEL

Windows' SChannel is the "service" that handles all the secure internet communications, such as PCT, SSL, and TLS.  Sometimes for security reasons, you may want to disable the older secure communication protocols, such as SSL 2.0.  SSL 3.0 has been in use for years now and enhances SSL 2.0, making it more cryptographically secure.  You may also want to disable PCT 1.0 since it's non-standard (although be careful with this as some built-in systems in windows, such as the Message Queue, rely on PCT).  Or perhaps you want to disable the newer protocols for compatibility reasons.  Who knows?

Before you would have to manually edit the registry on every affected machine.  So I created this Administrative Template for Group Policy to control these settings.  Unfortunately, Microsoft did not store these settings in the "true policy" locations of the registry, so in the GPEDIT.MSC you need to click on Administrative Templates, then select View -> Filtering...  Uncheck "Only show policy settings that can be fully managed."  This will allow you to see the "preferences."  (Policy settings that are not fully managed are called Preferences.)  You can google for more information on the differences between policies and preferences.

Anyway, this administrative template will be handy if you need to disable SSL 2.0 on a large array of web servers, for instance.  Or if you want to make sure that all outgoing communications are secure for workstations. 

Microsoft's explanation of Administrative Templates...
http://technet2.microsoft.com/WindowsServer/en/Library/8f0daf74-1eac-4d47-ac8a-bcbe23c673521033.mspx

Link to the SCHANNEL.ADM administrative template...
http://www.avianwaves.com/tech/tools/SCHANNEL_ADM/

Blog

Search Posts

Recent Comments

  1. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    ptbNPA: That should have been *ID 810*, not 820

  2. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    ptbNPA: For anyone else coming across this in the future and have an ID 820 error: For some strange reason...

  3. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Timothy: Sorry, I don't have any other insight. I'm sure you ran into all the same articles I did about the error...

  4. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    ptbNPA: FYI, after posting the issue on technet + windows-noob.com with no replies I decided to do a fresh Windows...

  5. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    ptbNPA: Hi and thanks for your post. I originally installed SQL 2016 with SP1 on a Windows server 2016 and got...

  6. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Timothy: Update Rollup 2.

  7. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Catwiesl: You write "Microsoft System Center Data Protection Manager (DPM) officially supports SQL 2016 with U...

  8. Re: PowerShell: Quickly Finding the Oldest and Newest Files in a Folder
    Neki: i would like to compare a local file with a remote file and download the remote file if its newer than...

  9. Re: RD Tabs: Tabbed Windows Remote Desktops
    lukas: Fantastic software though I am having issues saving passwords. As soon as I kill the program the setting...

  10. Re: Easy Way to Change Permissions on the Windows Server Scheduled Tasks Folder (C:\Windows\Tasks)
    George: From another server, using an admin account, I opened \\SERVER\c$\windows in Windows Explorer. Tasks...

Archive

Tag Cloud