Re: Windows 2000 Certificate Services Management / auto renew
From: Vishal Agarwal[MSFT] (vishala_at_online.microsoft.com)
Date: 01/12/04
- Previous message: Bryan: "Administrator password."
- In reply to: Fred Dunn: "Windows 2000 Certificate Services Management / auto renew"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 12 Jan 2004 09:26:26 -0800
You can use ICertView COM interface to look into CA's database and find the
certificates that are about to expire.
For User certificate Auto-renewal, you should use V2 templates and have
atleast Windows XP as the client base.
Thanks,
Vishal [MSFT]
-- This posting is provided "AS IS" with no warranties, and confers no rights "Fred Dunn" <dunn@uthscsa.edu> wrote in message news:98C77791-5725-4351-A465-9FF05A8582AA@microsoft.com... > We have a Windows 2000 CA in place and we are piloting a smartcard authentication project now. All appears to work fine but no notice is given to the certificate holder before their cert expires. Is there a COM object that I can use to script a parse of the Issuing CA's edb file for certs that are about to expire? CAPICOM does not "see" smartcard certs except those on the local system when the smartcard is inserted. When I perform a search with the CAPICOM object for ACTIVE_DIRECTORY_USER_STORE it only returns the certs issued for encryption, signing, etc. but never returns an EKU of smartcard logon. > At the same time is there a method of auto-renewal of smartcard certs? This is a "show stopper" for our pilot. We have seen some features that may work in Windows 2003 Certificate Services but don't want to have to go to that extreme if not necessary. Any ideas are welcome. > > Thanks, > Fred Dunn > University of Texas Health Science Center
- Previous message: Bryan: "Administrator password."
- In reply to: Fred Dunn: "Windows 2000 Certificate Services Management / auto renew"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
