23 September 2019

How to create a keytab file for Imprivata with Kerberos authenticating.


To use Kerberos authentication with Imprivata you to create KeyTab file which needs to be uploaded to the Imprivata appliance.  Creating a keytab file can be time consuming if it is your time. There are tutorials from Microsoft like this one here. These are long and not written for Imprivata. This tutorial is s only for Imprivata.

To create a KeyTab file for Imprivata we need the following before we can start

- Working Active Directory
- Domain Admin account
- Working Imprivata Appliance
- Windows Client with Imprivata One Sign Agent installed
- Imprivata Admin account

Logon to a Windows Client which has an Imprivata client installed. Use your Domain admin credentials. Start a command prompt via ISXRunAs.exe

"c:\Program Files (x86)\Imprivata\OneSign Agent\ISXRunAs.exe" cmd.exe

Goto the OneSign folder and start  ISXKerbUtil.exe


Enter the credentials of your Imprivata appliance.


In some scenarios this does not work.



There is a fix for this.

Logon to your Domain Controller and create a drive mapping to your Windows Client with the Imprivata agent. Start a command prompt and goto the OneSign Agent folder and start ISXkerbUtil.exe.


Enter the Imprivata appliance IP



Enter Imprivata account in UPN style.
Use a new password for the keytab file.




Succesfull created a keytab file.









29 October 2018

Intune with BitLocker on Hyper-V


Make sure your TPM Chip is working on your host machine.


image


Create a VM in Hyper-V.

image

image

image

Select Generation 2

image

image


Check if your VM has external network access


image


image

Choose install operating system later

image

image

Goto Settings of your VM

image

Goto security

image

Enable TPM and Click Apply.

image


Install your Operating system now.


If this happens, wait for your VM to start and click on Enhanced Session

image image


Log in with your Intune account


image

Start Bitlocker


image

Turn Bitlocker on

image

image

Click next

image

Click next

image

Click next

image

Choose your option and click next

image

Next


image

Start Encryption

image

Encryption is running. This can take some time to complete.

image


The error below occurs when a Generation 1 VM is used instead of Generation 2.


image

22 October 2018

How to enable Bitlocker on VM Workstation 14


Check if your Host machine has a Trusted Platform Module Enabled in your Device Manager.
clip_image002
Create new VM in VM Ware Workstation for Windows 10 64 Bit.
1. Dot not install the Operating System!
2. Goto Virtual Machine Settings
Enable UEFI and Enable Secure Boot
clip_image004
3. Goto Acces Control en click on Encrypt
clip_image006
4. Enter a secure password and click on Encrypt
clip_image008
5. Goto Hardware TAB and click on Add button
clip_image012
6. Select Trusted Platform Module and click on Finish.
clip_image010

7. Click on Ok and start installing your Windows 10 Operating system
Continue here when your Windows installation has finished.

8. Logon to your VM and choose enable bitlocker
clip_image014

9. Choose where to save your recovery key

clip_image016

10. Bitlocker is encrypting
clip_image018
clip_image020

11. Bitlocker is ready

clip_image022

03 October 2012

WIM2VHD for Windows 8!

Back in the days of Windows 7 I played arround with a script called WIM2VHD. After installing WAIK for Windows 7 on your machine you
could use a powershell script to create a working VHD file for you. This VHD file could be used for Native VHD Boot or Virtual PC. This worked
very could, the only disadvantange was the 2GB download of the latest WAIK. Now with Windows 8 and Convert-WindowsImage.ps1 there is no need to that.
After installing windows 8, there are only two things that you need. Get a copy of Convert-WindowsImage.ps1 from http://gallery.technet.microsoft.com/scriptcenter/Convert-WindowsImageps1-0fe23a8f
and have an ISO or WIM file from Windows Vista/7/8/Server 2008/2012 avaiable.  Start the script with .\Convert-WindowsImage.ps1 -ShowUI and your off.

DISM 32 bit on Windows 8 64 Bit

Windows 8 has DISM included for management of your VHD or WIM files. There is no need for downloading the WAIK first.

I tried using it for updating my own drivers in an automatic way. If you have a Dell laptop, you can download a CAB file with all your drivers from  Dell TechCenter
After downloading the file i learned that DISM on my Windows 8 64 Bit laptop is actually a 32 bit version. Why is this?

image

16 November 2010

Microsoft .Net Framework installeren op Windows 7

Ga naar Start –> Alle programma`s –> Configuratiescherm –> Programma`s

image

Klik op toevoegen

image

Selecteer twee Microsoft .Net Framework componenten

 

image

Klik op OK en je bent klaar.

How to create a keytab file for Imprivata with Kerberos authenticating.

To use Kerberos authentication with Imprivata you to create KeyTab file which needs to be uploaded to the Imprivata appliance.  Creating a ...