Re: Issue Certificate to AD Users
From: Dmitrii S. Zakharov [MSFT] (dmitriiz_at_online.microsoft.com)
Date: 04/05/04
- Previous message: Dmitrii Zakharov[MSFT]: "RE: Issue Certificate to AD Users"
- In reply to: Allie: "Issue Certificate to AD Users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 4 Apr 2004 23:09:12 -0700
Hi, Allie,
x509 certificates are not directly associated with Active Directory. They
are issued to so called Common Name (CN). However, an AD user, logged into
windows, can install his certificate to CurrentUser system store. That way
programs running in his logon session will have access to his certificate
and will use it for establishing SSL connection.
In addition, you can use Active Directory to establish explicit mapping of a
certificate to domain account. (Ask if you need more details on exact
procedure). In that case such a certificate should be stored at Domain
Controller.
-Dmitrii
"Allie" <moonghost@tom.com> wrote in message
news:O8Saz#rGEHA.1264@TK2MSFTNGP10.phx.gbl...
> Hello All,
> I want to know how could I issuing certs to AD Users.
> eg.I can issue a cert for testuser@test.com and then testuser could use
this
> cert to logon and access the website that needs SSL.
> what should I do when making Cert Request?
> allie
>
>
- Previous message: Dmitrii Zakharov[MSFT]: "RE: Issue Certificate to AD Users"
- In reply to: Allie: "Issue Certificate to AD Users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
