Re: Small error in "Best Practices for Implementing a MS W2003 PKI"

From: Roger Abell [MVP] (mvpNoSpam_at_asu.edu)
Date: 06/30/05 

Date: Thu, 30 Jun 2005 09:03:15 -0700

Hi Guilliaume,

It sounds like you have presented a valid case, if you have not misread,
so I have passed this info along for inspection/handling.

Thanks, 

-- 
Roger Abell
Microsoft MVP (Windows Server: Security)
MCDBA,  MCSE W2k3+W2k+Nt4
"Guillaume" <Guillaume@discussions.microsoft.com> wrote in message 
news:BF890D32-A565-4666-9525-76F901153310@microsoft.com...
> Hi everyone,
>
> Don't know exactly where to post this information, but I thought it would
> better to report it. If it really is an error... Otherwise please feel 
> free
> to correct me!
>
> In the document "Best practices for implementing a Microsoft Windows 
> Server
> 2003 PKI" at
> "http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws3pkibp.mspx?pf=true"
> In the AIA Publishing properties section, the table that gives the values
> seems to be wrong. From the tests I've done, it should read:
> - Include in the AIA extension of issued certificates = 2 (instead of 1)
> - Include in the online certificate status protocol (OCSP) extension = 32
> (instead of 2)
> By the way, the right values are used in the sample scripts that follow 
> for
> configuring the CAs. That's when I modified the scripts for my own
> configuration and wanted to check the values that I found this.
>
> Not much, but it can always help!
>
> Guillaume.
>

Relevant Pages

  • Problem accessing FTP site from remote PC
    ... I'm currently hosting a website on a Windows Server 2003 box and I've configured the site just fine and users can navigate to that website with their web browser and view the contents etc. ... An error occurred opening that FTP folder on the FTP Server. ... I'm really at a loss now as to what I might be doing wrong, I would be the first to admit that I am not an expert when it comes to configuring FTP access but I'm scratching my head trying to think what else I could do to get this to work. ...
    (microsoft.public.inetserver.iis.ftp)
  • The local policy of this system does not permit you to log on interactively
    ... I've right set up the Active Directory of Windows Server 2003. ... configuring anything at the moment I've tried to connect to Windows Terminal ... user to enable interactively log in? ...
    (microsoft.public.windows.server.general)
  • Small error in "Best Practices for Implementing a MS W2003 PKI"
    ... better to report it. ... In the AIA Publishing properties section, the table that gives the values ... the right values are used in the sample scripts that follow for ... configuring the CAs. ...
    (microsoft.public.security)
  • The local policy of this system does not permit you to log on interactively
    ... >I've right set up the Active Directory of Windows Server ... >configuring anything at the moment I've tried to connect ... >user to enable interactively log in? ...
    (microsoft.public.windows.server.general)
  • New user
    ... I am configuring a new Windows Server 2003 and when ... I' ve looked everywhere for any policies ... me or direct me to the proper place to find why my ...
    (microsoft.public.windows.server.active_directory)