Re: Enroll user cert from AD using CAPICOM

From: David Cross [MS] (dcross_at_online.microsoft.com)
Date: 09/25/04

    Date: Sat, 25 Sep 2004 08:02:55 -0700
    
    

    These samples should help you out:

    enrollment samples:
    http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dncapi/html/certenrollment.asp

    http://download.microsoft.com/download/F/1/C/F1C40AF2-8DBE-4F13-B9CA-94F2E0E2DE2F/certificateenrollmentsamples.exe

    --
    David B. Cross [MS]
    --
    This posting is provided "AS IS" with no warranties, and confers no rights.
    http://support.microsoft.com

    "Daniel Sie [MSFT]" <dsie@online.microsoft.com> wrote in message
    news:ehe9N0eoEHA.260@TK2MSFTNGP10.phx.gbl...
    > CAPICOM cannot be used for enrollment. You need to check out XEnroll.
    >
    > --
    > Thanks,
    >
    > Daniel Sie [MSFT]
    >
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    > "Michael" <Michael@discussions.microsoft.com> wrote in message
    > news:93B083FC-1B9F-4223-ADA2-C3D88F410CFB@microsoft.com...
    >> Hi,
    >> We are running AD 2000, and I would like to automatically enroll user
    >> certificates to my users. I found that AD 2000 only supports autoenrollment
    >> for machine cert (using GPO), but not for user cert.
    >> However, a VB-script using CAPICOM could be an alternative for enrollment.
    >> I have found very few examples of how to write such a script.
    >> The following script part will not work, I don't get any hit from the first
    >> search
    >> (in this example I have hardcoded a username - the same username as the
    >> executing user of the script).
    >> I would really appreciate if someone can help me with this.
    >> //Michael
    >>
    >>
    >> Const CAPICOM_MY_STORE = "My"
    >> Const CAPICOM_CA_STORE = "CA"
    >> Const CAPICOM_ACTIVE_DIRECTORY_USER_STORE = 3
    >> Const CAPICOM_LOCAL_MACHINE_STORE = 1
    >> Const CAPICOM_CURRENT_USER_STORE = 2
    >> Const CAPICOM_STORE_OPEN_READ_ONLY = 0
    >>
    >> SS="SN=JSMITH"
    >> Set oStore = CreateObject ("CAPICOM.Store")
    >> oStore.Open CAPICOM_ACTIVE_DIRECTORY_USER_STORE, SS, CAPICOM_STORE_OPEN_READ_ONLY
    >>
    >> Set oMYStore = CreateObject ("CAPICOM.Store")
    >> oMYStore.Open CAPICOM_CURRENT_USER_STORE, CAPICOM_MY_STORE, CAPICOM_STORE_OPEN_READ_WRITE
    >> oMYStore.Add oStore.certificates.item(1)
    >>

