Re: Wireless PKI for external users

From: jaff (jaff_at_discussions.microsoft.com)
Date: 07/06/05

• Next message: John: "Re: Avoid Administrator password hacking ????"
• Previous message: matchstich: "Re: "Microsoft is in discussions to buy controversial adware maker"
• In reply to: Mark Gamache: "Re: Wireless PKI for external users"
• Next in thread: S. Pidgorny : "Re: Wireless PKI for external users"
• Reply: S. Pidgorny : "Re: Wireless PKI for external users"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 5 Jul 2005 23:36:03 -0700

I think so. I don't find the way to create a certificate with Windows 2003
that isn't associate to a domain account.
So, how can I give certificates and validate these externals users?

"Mark Gamache" wrote:

> I believe that the cert. must also be associated with a valid domain account
> for IAS to process the remote access policy.
>
> --
> Mark Gamache
> Certified Security Solutions
> http://www.css-security.com
>
>
>
> "S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
> news:O$1MUtVgFHA.3868@TK2MSFTNGP14.phx.gbl...
> > Yes, you can use Windows 2003 PKI for any kind of client supporting
> > standard
> > file formats. The easiest way to ship the cert to non-domain user would be
> > to ship PKCS #12 (.p12/.pfx) file containing private key and the cert -
> > enroll marking private keys exportable, install the cert and export. Note
> > that the external users must trust your CA.
> >
> > --
> > Svyatoslav Pidgorny, MS MVP - Security, MCSE
> > -= F1 is the key =-
> >
> > "jaff" <jaff@discussions.microsoft.com> wrote in message
> > news:4066EB2E-1727-4DC8-9A0D-8D18BF5215BC@microsoft.com...
> >> Can I use Windows 2003 PKI for non-domain users? Can I obtain a
> > certificate
> >> for a non-domain user through Windows 2003 PKI?
> >> How can I connect securely externals users to my wireless network?
> >> Thanks
> >
> >
>
>
>

---

• Next message: John: "Re: Avoid Administrator password hacking ????"
• Previous message: matchstich: "Re: "Microsoft is in discussions to buy controversial adware maker"
• In reply to: Mark Gamache: "Re: Wireless PKI for external users"
• Next in thread: S. Pidgorny : "Re: Wireless PKI for external users"
• Reply: S. Pidgorny : "Re: Wireless PKI for external users"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Wireless PKI for external users ... the proiblem isn't that the certificate is associated with AD ... > that isn't associate to a domain account. ... >> I believe that the cert. ... >>>> How can I connect securely externals users to my wireless network? ... (microsoft.public.security) Re: Issue Certificate to AD Users ... x509 certificates are not directly associated with Active Directory. ... can install his certificate to CurrentUser system store. ... certificate to domain account. ... > cert to logon and access the website that needs SSL. ... (microsoft.public.platformsdk.security) WiFi on HTC Touch ... How to connect to network with domain over WiFi with WPA, TKIP and PEAP. ... have domain account, but connect not successful - system says that need ... Server not betray this certificate. ... (microsoft.public.pocketpc)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)