Re: Complicated root CA issue..

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 06/07/05

Next message: greg: "MS Antispyware beta 1 Policy?"
Previous message: Steven L Umbach: "Re: Basic Security Help"
In reply to: =pathfinder=: "Complicated root CA issue…."
Next in thread: =pathfinder=: "Re: Complicated root CA issue.."
Reply: =pathfinder=: "Re: Complicated root CA issue.."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 7 Jun 2005 12:51:50 -0500

Assuming everything is working correctly you could logon to the domain
controller as a domain admin and then use the mmc snapin for certificates
for computer to request a domain controller certificate. Go to the
personal/certificates folder, right click, select all tasks - request new
certificate and select domain controller certificate. --- Steve

"=pathfinder=" <pathfinder@discussions.microsoft.com> wrote in message
news:4FE024BE-8CD0-42D2-BC96-229A4F95E885@microsoft.com...
> Ok, we have 6 DC's. I built 3 in the last year but a previous admin built
> the original 3 DC's. I have an enterprise Root CA, it has issued Domain
> Controller certs to the 3 DC's I built but I can't get Domain Controller
> certs to the original 3 DC's. I created an enrollment policy for the
> Domain
> Controller certs but only 1 of the original DC's picked that up.
>
> I really need to get Domain Controller certs on all my DC's as I am
> deploying WPA-Radius WiFi and need to use PEAP to authenticate my users.
> The
> PEAP works fine on a DC that has its cert will PEAP can't be configured on
> a
> DC with out the cert.
>
> Any ideas on what I can do to force a Domain Controller cert onto the 3
> original DC's?
> How do I request a Domain Controller cert manually?
>

Next message: greg: "MS Antispyware beta 1 Policy?"
Previous message: Steven L Umbach: "Re: Basic Security Help"
In reply to: =pathfinder=: "Complicated root CA issue…."
Next in thread: =pathfinder=: "Re: Complicated root CA issue.."
Reply: =pathfinder=: "Re: Complicated root CA issue.."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[NEWS]Aruba Mobility Controller Shared Default Certificate
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Aruba Mobility Controller Shared Default Certificate ...
(Securiteam)
Re: Aruba Mobility Controller Shared Default Certificate - Response from Aruba Networks
... The certificate referenced in this posting is for demonstration purposes ... "A server certificate installed in the controller verifies the ... install a customer-specific server certificate in the controller, ... Aruba Mobility Controller Shared Default Certificate ...
(Bugtraq)
Issuing Domain Controller certificates manually
... Microsoft CA doesn't allow enrollment of Domain ... Controller or Computer certificates through web page. ... auto enrollment, certificate ... >template) could also be used with an more manual issuing ...
(microsoft.public.win2000.security)
Re: Certificate disappears after a few hours?
... This is very similar to my problem, except for older versions (IAS on Server 2003). ... However, none of these are accepted as EAP certificate in the NPS policy, but if I add the "Domain Controller" certificate everything works as expected. ...
(microsoft.public.windows.server.security)
Certificate Template Creation
... Certificate Authority. ... This server is Standard edition. ... "Automatic certificate enrollment for local system failed to enroll for one ... Domain Controller certificate. ...
(microsoft.public.windows.server.general)