Re: Certificate Subject DN...

From: David Cross [MS] (dcross@online.microsoft.com)
Date: 11/28/02

• Next message: JR: "Re: Service Ticket Request Failed - 677?"
• Previous message: David Cross [MS]: "Re: Moving a Certificate Authority to another server"
• In reply to: William Adams: "Certificate Subject DN..."
• Next in thread: William Adams: "Re: Certificate Subject DN..."
• Reply: William Adams: "Re: Certificate Subject DN..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "David Cross [MS]" <dcross@online.microsoft.com>
Date: Thu, 28 Nov 2002 08:35:52 -0800

Unfortunately this is a limitation of the Windows 2000 CA, it does not
include the full DN. The Windows .NET CA has removed this limitation.

Note if you are using checkpoint, the latest version of their software no
longer requires this odd requirement.

--
David B. Cross [MS]
--
This posting is provided "AS IS" with no warranties, and confers no rights.
http://support.microsoft.com
"William Adams" <w.adams@nexor.co.uk> wrote in message
news:#Ghg6BvlCHA.2224@tkmsftngp02...
> Hi,
>
> I have set up an Enterprise CA, I can happily issue certificates to
people.
> However I have a problem, I have a security program that relies on the
> subject DN in the certificate to be the actual DN of the user in the
Active
> Directory. By default with a 'user' certificate template it is the email
> address of the form CN=Bob Bloggs,emailAddress=Bob@bloggs.com. If you use
> the 'Exchange user' template then it specifies a DN but this DN is made up
> from what the user specifies on the form. Both of these methods mean the
> subject DN in the certificate bears no relation to the active directory.
>
> Any ideas on how to make the subject DN reflect the location of the user
in
> the directory?
>
>     -Will
>
>

• Next message: JR: "Re: Service Ticket Request Failed - 677?"
• Previous message: David Cross [MS]: "Re: Moving a Certificate Authority to another server"
• In reply to: William Adams: "Certificate Subject DN..."
• Next in thread: William Adams: "Re: Certificate Subject DN..."
• Reply: William Adams: "Re: Certificate Subject DN..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Certificate Subject DN... ... > to get to a certificate from the subject of a ... The Windows .NET CA has removed this limitation. ... >> longer requires this odd requirement. ... (microsoft.public.win2000.security) RE: updates after format ... if the Microsoft Server is down. ... software you are installing has not passed Windows Logo testing verify its ... When you try to download an ActiveX control, install an update to Windows ... and you do not have the appropriate certificate in your Trusted Publishers ... (microsoft.public.windows.mediacenter) Re: Need help configuring Wireless Connection profile ... and I can only use the intel OR windows utility, not both at the same time. ... Windows authentication for all users,4129,LRG\ryanv,4149,Wireless WPA2 ... SMALL BUSINESS SERVER: ... STEP #1 Install Certificate Services ... (microsoft.public.windowsxp.general) [NT] Limitations in Cisco Secure Desktop ... Get your security news from a reliable source. ... Cisco has been made aware of limitations in the Cisco Secure Desktop (CSD) ... Information Leakage via Windows Paging File: ... This limitation is the inability to prevent data from leaking to the ... (Securiteam) Re: Windows Update repeats ... You cannot install some updates or programs ... to a Windows component, install a service pack for Windows or for a Windows ... The Microsoft digital signature affirms that software has been tested with ... Publishers certificate store. ... (microsoft.public.windowsupdate)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint