Re: Installing Certificate Services using sysocmgr

From: Paul Adare - MVP - Microsoft Virtual PC (padare_at_newsguy.com)
Date: 07/29/04 

Date: Thu, 29 Jul 2004 08:40:52 -0600

In article <7AB01A6C-2E14-411A-8952-19D645E8A232@microsoft.com>, in the
microsoft.public.win2000.security news group, =?Utf-8?B?Tm9vciBTeWVk?=
<NoorSyed@discussions.microsoft.com> says...

> The org. where I work requires installing everything silently.
> BTW, when MS provided the unattended answer, that means its doable.
> Any help would be greatly appreciated. Thanks -Noor.
>

Blindly requiring everything to be done a certain way, just for the sake
of doing that way is not a good policy. BTW - just because an option to
do something a certain way is provided does not mean that is an
appropriate method of doing it that way.

I am trying to give you the benefit of my experience here (and I have a
_lot_ of experience in this particular field). Installing Certificate
Services the way you are attempting to do so will more than likely cause
your PKI to fail.

Have you configured a CAPolicy.inf file? Are you sure that all of the
PKI enabled applications, services, and hardware devices in your org
that are going to be using certificates will support the key length
you're using for your CA, etc, etc,

Feel free to disregard my advice here, your choice. 

-- 
Paul Adare
This posting is provided "AS IS" with no warranties, and confers no
rights.