Re: Certificates

From: SR (anonymous_at_discussions.microsoft.com)
Date: 12/01/03 

Date: Mon, 1 Dec 2003 12:30:44 -0800

I do have all PCs pointing to my DNS server on my network
which acts as a forwarder to my ISP's DNS servers. The
DNS server is running on the Domain controller with a
static IP so I have my bases covered on the DNS end. The
CA is an Enterprise Root running on a Windows 2000 member
server. The Domain Controller got it's certificate just
fine. The Windows 2000 Pro PC doesn't seems to have any
certificate store to look at locally. Is there a way to
recreate this local certificate store.

>-----Original Message-----
>It may be a networking or dns configuration problem. I
would run netdiag on both
>machines and dcdiag on the domain controller looking for
any failed pertinent tests.
>The domain controller in your situation should point
only to itself by it's assigned
>static ip address for dns server and the domain
computers also must point only to the
>domain controller for their dns configuration - NEVER
any ISP dns servers configured
>in tcp/ip properties of a domain computer. Netdiag and
dcdiag are on the install
>cdrom under the support/tools folder where you want to
run the setup program
>here. --- Steve
>
>"SR" <anonymous@discussions.microsoft.com> wrote in
message
>news:075c01c3b835$f9d13240$a001280a@phx.gbl...
>> I've setup a group policy in my Win2k domain (1 DC, 1
>> member server and 1 client) with active directory that
>> let's my machine request a machine certificate during
>> bootup/logon. When I try to have my Windows 2000 Pro PC
>> receive a machine certificate from my Enterprise ROOT
CA
>> (installed on a windows 2000 member server), I get an
>> error message saying that the certificate store cannot
be
>> enumerated. When I use the certificates snap in to find
>> my certificate store on the Windows 2000 Pro PC, I get
an
>> error message. What's wrong? How can I get my
certificate
>> stores back on my Windows 2000 Pro PC?
>
>
>.
>

Relevant Pages

  • RE: Multiple Public Domains on 1 SBS Certificate
    ... Nevertheless who control your external DNS server, ... Microsoft CSS Online Newsgroup Support ... Multiple Public Domains on 1 SBS Certificate ... >NS and MX records that point to the physical web site. ...
    (microsoft.public.windows.server.sbs)
  • Re: Certificates
    ... Running netdiag is still a good idea to check for things like domain controller ... > I do have all PCs pointing to my DNS server on my network ... > recreate this local certificate store. ...
    (microsoft.public.win2000.security)
  • Re: Certificates
    ... I am running SP4 on all PCs ... certificate store is on a Win 2k Pro PC. ... >> I do have all PCs pointing to my DNS server on my ...
    (microsoft.public.win2000.security)
  • Re: Split DNS
    ... I run another dns server in dmz. ... > only it is pointing to the external interface of the sbs box. ... Yes, you do, and the certificate should work if you use the same name on the ...
    (microsoft.public.windows.server.dns)
  • Re: simple question about certificate chains
    ... > unless you control/manipulate the dns server setup in the client ... No, browsers generally do *not* do this, for several reasons. ... client to incorrectly accept a certificate by simply spoofing its DNS ...
    (comp.security.ssh)
Loading