Re: View certificate database
From: David Cross [MS] (dcross_at_online.microsoft.com)
Date: 04/30/03
- Next message: John McCoy: "Re: Need advice for CA Model"
- Previous message: David Cross [MS]: "Re: Need advice for CA Model"
- In reply to: Deweirt Steven: "Re: View certificate database"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 30 Apr 2003 05:50:36 -0700
yes, you can revoke the certificate on the CA itself. That would be the
proper operation in this case.
-- David B. Cross [MS] -- This posting is provided "AS IS" with no warranties, and confers no rights. http://support.microsoft.com "Deweirt Steven" <sdeweirt@hotmail.com> wrote in message news:e1yXmWpDDHA.3064@TK2MSFTNGP11.phx.gbl... > Can you set the revoke list somewhere else on another server? trough a copy > are something? > Thx ! > > > "David Cross [MS]" <dcross@online.microsoft.com> wrote in message > news:ejAkqzkDDHA.2892@TK2MSFTNGP11.phx.gbl... > > If the user has the same UPN value (name) as in the subjaltname of the > cert, > > the cert is implicitly trusted. The mapping is done via the UPN. > > > > -- > > > > > > David B. Cross [MS] > > > > -- > > This posting is provided "AS IS" with no warranties, and confers no > rights. > > > > http://support.microsoft.com > > > > "Deweirt Steven" <sdeweirt@hotmail.com> wrote in message > > news:O6gtLgiDDHA.2100@TK2MSFTNGP11.phx.gbl... > > > Can somebody help I want to know if the mapping between a user > certificate > > > and user happens on the SID are what? > > > Because if I delete the user and recreate it with the same name he has > > back > > > access to the certificate secured objects. > > > > > > Thx > > > > > > "youpski" <youpski@remove_hotmail.com> wrote in message > > > news:004401c30e16$5bf94cc0$3401280a@phx.gbl... > > > > Yes, that is what you would think. Authenticated Users > > > > has read access there by default. Still. no authenticated > > > > user can access the database. So the problem lies > > > > somewhere else. > > > > > > > > thnx anyway Y > > > > > > > > > > > > >-----Original Message----- > > > > >You need to provide Read access to the desired users or > > > > group. You can do > > > > >that in the Security tab of the CA snapin > > > > > > > > > >-- > > > > >This posting is provided "AS IS" with no warranties and > > > > confers no rights. > > > > >Use of any included samples is subject to the terms > > > > specified at > > > > >http://www.microsoft.com/info/copyright.htm" > > > > >"youpski" <youpski@remove_hotmail.com> wrote in message > > > > >news:03a301c30d8f$b8a855b0$3001280a@phx.gbl... > > > > >> Hello, how do I allow or delegate non-administrators to > > > > >> view the Certificate Database on a CA server. When you > > > > >> are not a member of the local Administrators group on > > > > the > > > > >> CA server you receive an "Access Denied" 0x5 when > > > > >> openeing the Certification Authority snap in on a > > > > remote > > > > >> computer. When you are a member of the Administrators > > > > >> group on the CA server you can view the database (no > > > > >> Access Denied error) but you can also revoke > > > > certificates > > > > >> and alter the database settings. I want other people to > > > > >> just view the database using the MMC snap in on their > > > > >> local machine. View the pending-,issued- and failes > > > > >> requests on the CA server... they may not alter the > > > > >> database or the settings, just view it. > > > > >> > > > > >> thnx Y > > > > > > > > > > > > > > >. > > > > > > > > > > > > > > > > >
- Next message: John McCoy: "Re: Need advice for CA Model"
- Previous message: David Cross [MS]: "Re: Need advice for CA Model"
- In reply to: Deweirt Steven: "Re: View certificate database"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
