IE 9, Windows 7, Windows 8, SHA-2 encryption, certificate

Currently, I have I have an Exchange 2010 Service with 2 client access/ transport servers and 2 mailbox servers.  I use a barracuda load balance appliance to manage the CASarray.   Our SSL certificate for the service is currently SHA-1. 
I would like to replace  the SSL certificate so that it using SHA-2 encyption keys.  What compatibility issues do I need to be concerned about?  Most of our users are running Windows 7 with Outlook 2010 and/or Outlook 2007 to the Exchange 2010
service.    We also have a few Apple users running OS X and Office 2011 for the MAC.   We have a lot of ipad ii and above and iphone 4 and above users  using ios to connect to the service as well.    People  use a variety
of web browsers:  firefox, chrome, internet explorer, safarii.  Most of my users are still using IE 9.x due to better compatibility with some of our SAP software.
Will my users have problems using a comodo sha-2 ssl certificate in my environment?  Specifically, will there be issues with IE9.x on Windows 7?  Any issues with Apple devices?

Hi,
In order to both sign and validate SHA2 messages, Windows Vista or 7 with Outlook 2007 or 2010 is needed, so according to your description, it's fine to move to SHA-2 in your corporation.
Please see detailed information about SHA-2 with Windows in the following blog, some recommendations for Outlook and Windows are included in this link
http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx
For mac users, it's better to contact the Apple support, for they're more familiar with their products like ipad, iphone and other Apple devices.
Yolanda Zhu
TechNet Community Support

Similar Messages

  • Can my MacBook Pro use boot camp with Windows 7 with BitLocker encryption?

    I'm at wit's end with this, and I'm hoping I can get some advice here.  I've read so many forum, posts and reviews that I'm not entirely sure what I can trust.
    I have an early 2011 MacBook Pro (MacBookPro8,3). I need to run Windows encrypted for work purposes. It needs to be real windows with full-disk encryption (FDE). The business tools run in boot camp, but not in Parallels, because Parallels doesn't support DirectX 11. I would also benefit greatly from an SSD.
    I do not want to do anything hacky like removing the Mac reocovery partition, because I've read that just loading Disk Utility in OS X might mess up your patrition boot tables as it tries to "fix" things. I don't want to have to manually reocover to fix stuff or chance losing data.
    I have read (and tried) installing BitLocker on Windows 7 Ultimate under boot camp, but ran into the partition limit on my internal HDD. A maximum of 4 partitions are allowed, and between OS X, its recovery, boot camp, and the Windows partition, all 4 are used.
    I have considered one of the following, which may work:
    Install OWC's Data Doubler Kit with an additional 240GB SSD (http://eshop.macsales.com/item/OWC/DDMBS6E240/). I would replace the internal SuperDrive with the HDD, and install the new SSD on the faster SATA 6G port. Windows would be installed on the SSD and OS X would stay on the HDD.
    Replace the internal HDD with a new SSD (keeping the SuperDrive). I would lose OS X altogether and just have Windows installed.
    Forget the entire thing and just buy a PC for work.
    My thoughts are that with option both options #1 and #2, I don't even know if these setups will allow BitLocker. In both cases, Windows will be the only partition on the drive, so I'm assuming that when BitLocker is installed, there will be room for the new partition it creates. With option #1, I'm pretty sure I'd still be using Boot Camp, but how would that would for option #2? Is boot camp used even though there is no Mac partition? Would I still need to keey the Mac Recovery partition for this to work? I'd probably need to use Boot Camp drivers under Windows, I think.
    I'd certainly be interested in using a self-encrypting drive (SED), especially a SSD, but I'm concerned that most of them appear to require TPM or BIOS functions that Mac's EFI does not provide. Such a drive would allow me to drop BitLocker, but I would need to be use the self-encryption actually works on this setup. From what I've read, most of the SED drives will work just fine under EFI, but you won't be able to set or access the encryption password, which pretty much makes these drives unencrypted.
    I've read that BitLocker can be configured to use a flash drive as a decryption key, but I haven't been able to test that yet. I'm tried creating bootable flash drives under Windows and OS X, and none of them seem to appear when I access the boot menu (hold option during boot chime). I don't even know if this system supports bootable USB flash drives, or whether they can be used as a BitLocker key under boot camp.
    For the record, I have attempted to use an external thunderbolt drive as my Windows partition, but Windows doesn't want to be installed on removable media, and even if it worked, I believe you can only boot OS X from thunderbolt. I do have a second OS X install booting from the thunderbolt drive, so I know that works. Also, FileVault 2 is installed on my OS X partition, and I read something about FV2 using the Recovery partition somehow so you can't remove the recovery partition to make room for BitLocker.
    So ... does anyone have any suggestions preferably based on personal experience as to whether options #1 or #2 should work for my needs?
    At this point, I'm really thinking I should just bite the bullet and purchase a PC that I will forever look down upon.

    Are you using a MacBook Pro? Is everything installed on the same drive?
    I would love to know how that install was performed. When I install Windows under boot camp, my MacBook Pro drive ends up with 4 partitions: Mac, Mac Recovery, Windows, and a small partition that I believe is used by boot camp.
    Installing BitLocker on Windows requires the creation of a new small partition that Windows will boot off. The small partition is unencrypted, while the primary Windows partition will get encrypted. The following post discusses the maximum partition issue: https://discussions.apple.com/message/22753791#22753791
    Has anyone installed Windows through boot camp on it's own drive, and if so, can BitLocker be installed on that without reaching any partition limit? I'm assuming that's possible, but would like to know before I spend hundreds on new hardware.

  • Windows Server 2008 R2 Standard "Certificate Authority Service" / Exchange Server 2010 EMC not starting and no AD connectivity for authentication.

    Hello,
    I am a new IT Manager at this company and need assistance big time. Their environment looks as follows:
    Server 1. Domain Controller Server (Windows Server 2008 R2 Standard) running active directory.
    Server 2. Email Server (Windows Server 2008 R2 Standard) running Exchange Server 2010 .
    * Note. No back ups to work with aside from whats mentioned below.
    DC had a virus infection causing a lot of issues on the shared network drives 2 days ago locking up all the files with a crypto ransom virus. Running Avast suppressed the infection. Had to recover the file shares which luckily had a back up. 
    The issue is that the Exchange Server 2 post this lost connectivity with the AD Server 1. Exchange Server 2 when launching EMC could not launch the console stating the following:
    "No Exchange servers are available in any Active Directory sites. You can’t connect to remote
    Powershell on a computer that only has the Management Tools role installed."
    Shortly after I found that it is possible the EMC launcher was corrupt and needed to be reinstalled following another blog post. I deleted the exchange management console.msc  per instructions only to discover I couldnt relaunch it because there was
    no way how. So I copied another msc file that happened to be on the DC Server 1  back to Exchange Server 2 and got it to launch again. 
    Another post said that it might be an issue with the Domain Account for the Computer, so to delete it in the AD Server 1 only to find that rejoining it from Exchange Server 2 using Computer>Properties> Chage Settings > Change is greyed out because
    it is using the Certificate Authority Service.
    I tried manually re-adding the computer in AD and modeling permissions after another server in group settings but no go. After this I was unable to login to the Exchange Server 2 with domain accounts but only local admin, receiving the following Alert:
    "The Trust Relationship between this workstation and primary domain failed."
    I tried running the Power Shell tools on Exchange Server 2 to rejoing and to reset passwords for domain accounts as noted in some other blogs but no luck as the Server 2 could not make the connection with Server1 or other errors it kept spitting out.
    I also during the investigation found the DNS settings were all altered on both the Server 1 and Server 2 which I luckily was able to change back to original because of inventorying it in the beginning when I started. 
    I need help figuring out if I need to rejoin the Exchange Server 2 manually by disabling the Certificate Authority Service (or removing the CA as listed here:
    https://social.technet.microsoft.com/Forums/exchange/en-US/fb23deab-0a12-410d-946c-517d5aea7fae/windows-server-2008-r2-with-certificate-authority-service-to-rejoin-domain?forum=winserversecurity
    and getting exchange server to launch again. (Mind you I am relatively fresh to server managing) Please help E-Mail has been down for a whole day now!
    Marty

    I recommend that you open a ticket with Microsoft Support before you break things more.
    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

  • Windows 8: Bit Locker encrypted drive "Access Denied" external drive

    I rebuilt my computer and installed win 8.1 pro.  Now my external drive comes up as an empty drive with "Access denied".  Here is the kicker: I had turned off bitlocker on the external drive long ago as it interfered with automated backups.
    Running the commands suggested here:
    https://social.technet.microsoft.com/Forums/windows/en-US/738c1760-c96d-430f-9ae6-1f28f5c60998/windows-8-bit-locker-encrypted-drive-not-found-or-access-denied?forum=w8itprosecurity it shows the bitlocker but as unlocked.  Drive still shows empty.
    Any suggestions?
    Thanks,
    Markus

    Ahh, turns out to be permission issue not bitlocker (or maybe bitlocker caused it to lose permissions, don't know).
    Opened MyPc, right click on drive ->properties->security->advanced and selected apply to all.
    Markus

  • [Windows] Captive runtime bundle package certificate signing don't work when icons included

    Here is the bugbase ticked: Bug#3949990 - [Windows] Captive runtime bundle package certificate signing don't work when icons included
    Application signing don't work when you build captive runtime bundle package which include icons. Don't matter application icons or associated file types icons. It works fine when you build application bundle without icons.
    It's a very critical issue, please fix it ASAP.
    Also application signing don't work if you using AIR SDK beta: Bug#3950022 - [Windows] Application signing don't work with AIR SDK beta
    I'd like to ask everyone affected by this issue to take a minute and vote for the following bugs.
    Thanks.

    I received feedback from our QA team this morning that they were able to reproduce the bugs but they are requesting access to the .as code if possible.  If you'd like to keep this private, please feel free to email it to me directly at [email protected]

  • Every time I try to open a new web page a window pops up saying the certificate for the page is invalid?? It won't let me on my emails or Facebook

    Every time I try to open a new web page a window pops up saying the certificate for the page is invalid?? It won't let me on my emails or Facebook

    This could be a complicated problem to solve, as there are several possible causes for it.
    Back up all data, then take each of the following steps that you haven't already taken. Stop when the problem is resolved.
    Step 1
    From the menu bar, select
               ▹ System Preferences... ▹ Date & Time
    Select the Time Zone tab in the preference pane that opens and check that the time zone matches your location. Then select the Date & Time tab. Check that the data and time shown (including the year) are correct, and correct them if not.
    Check the box marked 
              Set date and time automatically
    if it's not already checked, and select one of the Apple time servers from the menu next to it.
    Step 2
    Start up in safe mode and log in to the account with the problem.
    Note: If FileVault is enabled in OS X 10.9 or earlier, or if a firmware password is set, or if the startup volume is a software RAID, you can’t do this. Ask for further instructions.
    Safe mode is much slower to start up and run than normal, with limited graphics performance, and some things won’t work at all, including sound output and Wi-Fi on certain models. The next normal startup may also be somewhat slow.
    The login screen appears even if you usually login automatically. You must know your login password in order to log in. If you’ve forgotten the password, you will need to reset it before you begin.
    If the problem is not reproducible in safe mode, then it's caused by third-party "anti-virus" or "security" software. If you know what that software is, remove it as directed by the developer after backing up all data. If you don't know what it is, ask for instructions.
    Step 3
    Triple-click anywhere in the line below on this page to select it:
    /System/Library/Keychains/SystemCACertificates.keychain
    Right-click or control-click the highlighted line and select
              Services ▹ Show Info
    from the contextual menu.* An Info dialog should open. The dialog should show "You can only read" in the Sharing & Permissions section.
    Repeat with this line:
    /System/Library/Keychains/SystemRootCertificates.keychain
    If instead of the Info dialog, you get a message that either file can't be found, reinstall OS X.
    *If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination command-C. Open a TextEdit window and paste into it by pressing command-V. Select the line you just pasted and continue as above.
    Step 4
    Launch the Keychain Access application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad and start typing the name.
    In the upper left corner of the window, you should see a list headed Keychains. If not, click the button in the lower left corner that looks like a triangle inside a square.
    In the Keychains list, there should be items named System and System Roots. If not, select
              File ▹ Add Keychain
    from the menu bar and add the following items:
    /Library/Keychains/System.keychain
    /System/Library/Keychains/SystemRootCertificates.keychain
    Open the View menu in the menu bar. If one of the items in the menu is
              Show Expired Certificates
    select it. Otherwise it will show
              Hide Expired Certificates
    which is what you want.
    From the Category list in the lower left corner of the window, select Certificates. Look carefully at the list of certificates in the right side of the window. If any of them has a blue-and-white plus sign or a red "X" in the icon, double-click it. An inspection window will open. Click the disclosure triangle labeled Trust to disclose the trust settings for the certificate. From the menu labeled
              Secure Sockets Layer (SSL)
    select
              no value specified
    Close the inspection window. You'll be prompted for your administrator password to update the settings.
    Now open the same inspection window again, and select
              When using this certificate: Use System Defaults
    Save the change in the same way as before.
    Revert all the certificates with non-default trust settings. Never again change any of those settings.
    Step 5
    Select My Certificates from the Category list. From the list of certificates shown, delete any that are marked with a red X as expired or invalid.
    Export all remaining certificates, delete them from the keychain, and reimport. For instructions, select
              Help ▹ Keychain Access Help
    from the menu bar and search for the term "export" in the help window. Export each certificate as an individual file; don't combine them into one big file.
    Step 6
    From the menu bar, select
              Keychain Access ▹ Preferences... ▹ Certificates
    There are three menus in the window. Change the selection in the top two to Best attempt, and in the bottom one to  CRL.
    Step 7
    Triple-click anywhere in the line of text below on this page to select it:
    /var/db/crls
    Copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select
              Go ▹ Go to Folder...
    from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
    A folder named "crls" should open. Move all the files in that folder to the Trash. You’ll be prompted for your administrator login password.
    Restart the computer, empty the Trash, and test.
    Step 8
    Triple-click anywhere in the line below on this page to select it:
    open -e /etc/hosts
    Copy the selected text to the Clipboard by pressing the key combination command-C.
    Launch the built-in Terminal application in the same way you launched Keychain Access.
    Paste into the Terminal window by pressing command-V. I've tested these instructions only with the Safari web browser. If you use another browser, you may have to press the return key after pasting. A TextEdit window should open. At the top of the window, you should see this:
    # Host Database
    # localhost is used to configure the loopback interface
    # when the system is booting.  Do not change this entry.
    127.0.0.1                              localhost
    255.255.255.255          broadcasthost
    ::1                                        localhost
    fe80::1%lo0                    localhost
    If that's not what you see, post the contents of the window.

  • Force Windows to use a specific certificate instead of another (802.1x)

    Hello guys,
    I have two user certificates that can do Client Authentication. One is for Lync 2013 (issued by Communication server) and one issued by our Root CA (for 802.1x authentication). Every time i try to connect to our network (wired or wireless). I got prompted
    to select the proper certificate. I saw multiple of threads talking about this but no one seems to have an idea how to get rid of this. I check the ''Use simple certificate selection'' but i still have the prompt message to choose between the two certificates.
    Thank you!

    Hi,
    Have you tried to manage the certificates in Control Panel\Credential Manager?
    Under Windows Credentials, click "Add a certificate-based credential", type your network address and choose a certificate.
    For ''Use simple certificate selection'' , see this
    http://social.technet.microsoft.com/Forums/windows/en-US/4b5f6dc7-72c6-476f-893c-cb68c52f1001/choosing-a-client-certificate-to-present-for-8021x-authentication?forum=w7itpronetworking

  • SHA-1 Encryption is not working in Container managed security

    Hi,
    I have to turn to your help after no luck with other possible resource.
    I implemented container managed security on my apps and it works well without the encrypted password(clear text) in the table column. Now I referred OC4J Security guide to implement the password encryption as follows:
    1. Using the DBTableOraDataSourceLoginModule, set the option pw_encoding_class = oracle.security.jazn.login.module.db.util.DBLoginModuleSHA1Encoder
    2. run the following procedure:
    DECLARE
        l_password VARCHAR2(50) := 'welcome';
        l_password_raw RAW(128) := utl_raw.CAST_TO_RAW(l_password);
        l_encrypted_raw RAW(2048);
        l_encrypted_string VARCHAR2(2048);
        l_encrypted_string2 VARCHAR2(2048);
    BEGIN
        dbms_output.put_line('Password in String: ' || l_password);
        dbms_output.put_line('Password in raw: ' || l_password_raw);
        l_encrypted_raw := dbms_crypto.hash(l_password_raw, dbms_crypto.HASH_SH1);
        dbms_output.put_line('SH1: ' || l_encrypted_raw);
        l_encrypted_string := UTL_ENCODE.BASE64_ENCODE(l_encrypted_raw);
        dbms_output.put_line('Base64Encoding: ' || l_encrypted_string);
    END;
    3. update the clear text password with the SHA-1 encrypted password and encoded in Base64Encoding (in my case, it's the parameter "l_encrypted_string")Now I run the application and login says "password not matching!" If anyone know what's going on, please advise me what's wrong...pls
    thanks very much,

    Hi,
    hard to say without knowing the code the OC4J team uses in their login module. I know they based it on a JAAS LoginModule I wrote some years ago, but they did change some parts of it. In the original version. the password was read from the database and then compared with the provided password string. Using encryption it uses a class to encode and decode the password queried from teh database. My guess is that the returned string - after decoding - doesn't meet the password string you provide when authenticating. Since this piece of code is owned by the OC4J team, I suggest to try the Application Server forum or the Security forum
    Frank

  • WILL MAC OS 10.4 server SUPPORT SHA-2 SSL CERTIFICATES

    Am running Mac OS Server 10.4.11 on a PowerPC Mac Mini (1.42GHz) and currently have SHA-1 SSL certificate from GoDaddy.
    They want everyone to upgrade to a SHA-2 (SHA256) SSL certificate for Google's Chrome browser which will soon start showing SSL errors for SHA-1 certificates.
    Is Mac OS Server 10.4.11 capable of serving up a SHA-2 SSL certificate?  (I originally renewed last Feb. to a SHA-2 certificate, but many browsers didn't recognize it, so I re-keyed to a SHA-1 certificate that is good to 12/31/15.

    Hi, I do not know, but I doubt it.
    Here's the 10.4 Server forum if you want to ask over there...
    Mac OS X Server v10.4 and earlier

  • SHA-1 Encryption is not working under OC4J security

    Hi,
    I have to turn to your help after no luck with other possible resource.
    I implemented container managed security on my apps and it works well without the encrypted password(clear text) in the table column.
    (Jdeveloper 10g, OC4J 10g)
    Now I referred OC4J Security guide to implement the password encryption as follows:
    1. Using the DBTableOraDataSourceLoginModule, set the option pw_encoding_class = oracle.security.jazn.login.module.db.util.DBLoginModuleSHA1Encoder
    2. run the following procedure:
    DECLARE
        l_password VARCHAR2(50) := 'welcome';
        l_password_raw RAW(128) := utl_raw.CAST_TO_RAW(l_password);
        l_encrypted_raw RAW(2048);
        l_encrypted_string VARCHAR2(2048);
        l_encrypted_string2 VARCHAR2(2048);
    BEGIN
        dbms_output.put_line('Password in String: ' || l_password);
        dbms_output.put_line('Password in raw: ' || l_password_raw);
        l_encrypted_raw := dbms_crypto.hash(l_password_raw, dbms_crypto.HASH_SH1);
        dbms_output.put_line('SH1: ' || l_encrypted_raw);
        l_encrypted_string := UTL_ENCODE.BASE64_ENCODE(l_encrypted_raw);
        dbms_output.put_line('Base64Encoding: ' || l_encrypted_string);
    END;
    3. update the clear text password with the SHA-1 encrypted password and encoded in Base64Encoding (in my case, it's the parameter "l_encrypted_string")Before setting up pw_encoding_class option, the DBTableOraDataSourceLoginModule with the clearText password in table column is working well.
    Now after the above steps, I run the application and login says "password not matching!" If anyone know what's going on, please advise me what's wrong...pls
    thanks very much,

    Hi,
    hard to say without knowing the code the OC4J team uses in their login module. I know they based it on a JAAS LoginModule I wrote some years ago, but they did change some parts of it. In the original version. the password was read from the database and then compared with the provided password string. Using encryption it uses a class to encode and decode the password queried from teh database. My guess is that the returned string - after decoding - doesn't meet the password string you provide when authenticating. Since this piece of code is owned by the OC4J team, I suggest to try the Application Server forum or the Security forum
    Frank

  • SHA-2 SSL certificates supported on Server v10.5?

    Am upgrading Mac OS Server 10.4.11 on a PowerPC Mac Mini (1.42GHz) to Server 10.5  and currently have SHA-1 SSL certificate from GoDaddy.
    They want everyone to upgrade to a SHA-2 (SHA256) SSL certificate for Google's Chrome browser which will soon start showing SSL errors for SHA-1 certificates.
    Is Mac OS Server 10.5 capable of serving up a SHA-2 SSL certificate?  (I originally renewed last Feb. to a SHA-2 certificate, but many browsers didn't recognize it, so I re-keyed to a SHA-1 certificate that is good to 12/31/15.
    Mac mini, Mac OS X Server (10.4.11, upgrading to 10.5.x), Power PC 1.42GHz

    Hi, I do not know, but I doubt it.
    Here's the 10.4 Server forum if you want to ask over there...
    Mac OS X Server v10.4 and earlier

  • Windows 8.1 Device Encryption and MBAM

    According to this TechNet article http://technet.microsoft.com/en-us/library/dn306081.aspx Windows 8.1 now has a feature called device encryption that will encrypt the drive
    after windows installation. It says in the above TechNet article that "If you have configured this Group
    Policy setting with the option Save BitLocker recovery information to Active Directory Domain
    Services unchecked, device encryption will be prevented because device encryption requires that the recovery password be backed up to AD DS if the device
    is domain-joined." Is there any way to get MDOP 2014 (mainly MBAM 2.5) to put the recovery key on our MBAM server? We are currently using MBAM 1.0 and are planning to upgrade. If this request is possible then it will accelerate our upgrade plans. 
    Thanks for your help! 

    Hi,
    MBAM stores the recovery key in the MBAM database. You have to configure GPO using the MBAM admx files and install MBAM Client on your target machines.
    /Oliver

  • New windows 8.1 clients getting certificate error

    We are running exchange 2010 and one of our end-users just recently purchased a windows 8.1 laptop.  When he tries to connect to exchange using the built-in mail app, he gets the error, "To connect to this account, you need a valid certificate
    on this PC.  Contact your system administrator for more info"
    I searched a lot online and found a suggestion of signing into OWA and exporting the root level certificate, then installling it.  I did that, but still receive the error on his machine. 
    Any suggestions?

    Hi,
    Supplementing a blog for your reference:
    Supporting Windows Mail 8.1 in your organization
    http://blogs.technet.com/b/exchange/archive/2013/10/18/supporting-windows-mail-8-1-in-your-organization.aspx
    Hope it is helpful
    Thanks
    Mavis
    Mavis Huang
    TechNet Community Support

  • Windows 8: Bit Locker encrypted drive "Not Found" or "Access Denied"

    I just upgraded my Windows 7 Ultimate to Windows 8 Pro. C drive is not Bit locker protected, but D drive is. When I go to Computer and double click on D drive, it tells me one of two errors: 1) Application Not Found (more common), or 2) Access is Denied
    (less common).
    I thought maybe Bit locker wasn't working, but I plugged in my USB stick that is encrypted and had no issues; it asked for the password and opened the folder.
    One thing I did earlier was to setup a new local account, give it administrator password, then delete the other account that I had originally used in Win7 (and in installing Win8). Maybe this caused some sort of security problem.
    Please help.
    Thanks.

    I have been using Bitlocker since it was available with Vista Ultimate.   I have had the same password to unlock my drive for 5 years. I NEVER keep my recovery key this drive. but just last month i copied all my data to another drive formatted
    it to freshen it up and copied it back over. For some reason i kept the recovery key TXT file....  when i tried your method here due to the same exact problem listed the command prompt would not allow me to enter a password in CMD or powershell. Since
    i had the recovery key .. THANK GOODNESS it unlocked perfectly and i was able to retrieve my 6 years of Data.  So yes, this works and works well.  thank You!

  • Bitlocker, Windows 8 and self encrypting drives

    I am trying to install a Seagate Constellation.2 self-encrypting drive with Windows 8 for use with Bitlocker. Articles that I've read imply that Bitlocker will recognise the SED.
    There's no problem with the installation but there is no indication that Bitlocker sees it as anything other than a normal drive.
    If I try to encrypt the full drive with Bitlocker, it's obvious, from the time it takes, that it is software encrypting it.
    I have read the article about 'encrypted hard drives' and note that it says that SEDs are not the same thing. Frankly, I don't understand this and neither do other people on the web who have written saying that SEDs are now supported by Bitlocker.
    Can you help with this please?
    Thanks

    The constellation ES.2 and ES.3 drives will not be able to be used as hardware encryption with Bitlocker on Windows Server 2012/8 they will just show as normal hard disks as your seeing and then you can use Bitlocker software encryption.
    The reason they don't work is because Windows Server 2012/8 requires a OPAL 2 compliant drive and the Seagate constellation ES.2 and ES.3 drives are not OPAL 2 compliant drives. This is common across all vendors at the moment I was told, so until someone
    releases a OPAL 2 compliant drive you will only be able to use bitlocker software encryption.
    Niki Han
    TechNet Community Support

Maybe you are looking for

  • How can I set up an HTML form to send iCal invites from a chosen date?

    I am working on a site that has a form for booking appointments, and I have used a popup calendar and time for users to select. However, this needs to be sent to the recipient as an iCal event via email so they can just click Accept and it goes into

  • Install certificate error

    I have been trying for at least a month to install the new iTunes. Every time it gets in the middle of the install it errors out saying there is an invalid certificate.

  • Creation of Materialized view and Materialized view log.

    I wanted to create materialized view with 'REFRESH FAST ON COMMIT' option. 1) Table1 --it is partitioned range + list -- Added primary key 2) view1   -- having primary keys on view's base table Steps: 1) create materialized view log on Table1 ; -- de

  • PO in excel sheet

    Dear Experts, How to export PO to excel format. Rgds

  • Projector for MacBook Pro

    Does anyone have any recommendations for a good projector for a MacBook Pro for projecting a simple Keynote presentation? Thanks.