Monthly archives: February 2006

Timothy

Administrative Template for Configuring SCHANNEL

Windows' SChannel is the "service" that handles all the secure internet communications, such as PCT, SSL, and TLS.  Sometimes for security reasons, you may want to disable the older secure communication protocols, such as SSL 2.0.  SSL 3.0 has been in use for years now and enhances SSL 2.0, making it more cryptographically secure.  You may also want to disable PCT 1.0 since it's non-standard (although be careful with this as some built-in systems in windows, such as the Message Queue, rely on PCT).  Or perhaps you want to disable the newer protocols for compatibility reasons.  Who knows?

Before you would have to manually edit the registry on every affected machine.  So I created this Administrative Template for Group Policy to control these settings.  Unfortunately, Microsoft did not store these settings in the "true policy" locations of the registry, so in the GPEDIT.MSC you need to click on Administrative Templates, then select View -> Filtering...  Uncheck "Only show policy settings that can be fully managed."  This will allow you to see the "preferences."  (Policy settings that are not fully managed are called Preferences.)  You can google for more information on the differences between policies and preferences.

Anyway, this administrative template will be handy if you need to disable SSL 2.0 on a large array of web servers, for instance.  Or if you want to make sure that all outgoing communications are secure for workstations. 

Microsoft's explanation of Administrative Templates...
http://technet2.microsoft.com/WindowsServer/en/Library/8f0daf74-1eac-4d47-ac8a-bcbe23c673521033.mspx

Link to the SCHANNEL.ADM administrative template...
http://www.avianwaves.com/tech/tools/SCHANNEL_ADM/

Blog

Search Posts

Recent Comments

  1. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Brian: Thank you so much Edward! :-)

  2. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Tom: Thank you Edward! After beating my head against a wall for days, tried your suggestion out and lo and...

  3. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Mike: DPM 2016 setup will fail if you have SQL Server Management Studio (SSMS) V17.x installed. Re-Install...

  4. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Rob: Edward, thanks man! you were a lifesaver. My scenario was Win Server 2016 from scratch, SQL 2016 (N...

  5. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Edward: It also crashes with the 4387 error if you have the SQL Management Studio 17 tools installed. Installing...

  6. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Ram: Hi - I followed richsmif instruction and was able to successfully install DPM 2016 on SQL 2016. Completed...

  7. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Neighborgeek: Thanks for the post, this is exactly the issue I am running into. I'm disappointed to see that you didn...

  8. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    richsmif: I have DPM 16 working with SQL 16. Install SQL 16 first, don't touch, install DPM 16 , upgrade to ...

  9. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    ptbNPA: That should have been *ID 810*, not 820

  10. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    ptbNPA: For anyone else coming across this in the future and have an ID 820 error: For some strange reason...

Archive

Tag Cloud