RE: Using Subordinate CA's

From: Scotty (Scotty_at_discussions.microsoft.com)
Date: 01/28/05 

Date: Fri, 28 Jan 2005 13:51:02 -0800

I am running Windows 2000 Server.

"Brian Komar" wrote:

> In article <553FD614-C1BD-49C1-9E33-CEEA04749308@microsoft.com>,
> Scotty@discussions.microsoft.com says...
> > Wow. That was easy. Can computers be set up to request a certificate
> > automatically? I read where the GPO can be set up to where the computer
> > request a certificate for the PC, but what about User Certificates?
>
> If you are using the Windows Server 2003 enterprise CAs, running on
> Windows Server 2003, Enterprise Edition, you can enable autoenrollment
> for user through a combination of Version 2 certificate templates and
> Group Policy.
>
> The client computers *must* be running Windows XP.
>
> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/plan/auto
> enro.asp
>
> Alternatively, I have included a vbs script in my book that allows you
> to perform scripted enrollment (automated enrollment) for user
> certificates on Windows 2000 clients with CAPICOM loaded.
>
> http://www.microsoft.com/MSPress/books/6745.asp
>
> Brian
>
> >
> > "Brian Komar" wrote:
> >
> > > In article <D9869C23-1A34-4C83-BE99-9EE4E35E3602@microsoft.com>,
> > > Scotty@discussions.microsoft.com says...
> > > > Sorry this is a duplicate of the thread above.
> > > >
> > > > "Scotty" wrote:
> > > >
> > > > > At one of my locations I setup an Enterprise Root CA, then also at the same
> > > > > location I set up a Enterprise Subordinate CA. When I request a new
> > > > > certificate through the Snap-in, it request a certificate from my Root CA
> > > > > instead of my subordinate CA. How can I force the computers to request from
> > > > > the Subordinate CA?
> > > >
> > > Do an advanced request. This allows you to choose which enterprise CA
> > > for the request submission
> > >
> > > Brian
> > >
> >
> R
>
>

Relevant Pages

  • Re: Need help configuring Wireless Connection profile
    ... and I can only use the intel OR windows utility, not both at the same time. ... Windows authentication for all users,4129,LRG\ryanv,4149,Wireless WPA2 ... SMALL BUSINESS SERVER: ... STEP #1 Install Certificate Services ...
    (microsoft.public.windowsxp.general)
  • Re: Enterprise CA access
    ... 2000 native domain and was able to request and receive certificates for my ... Windows 2003 Server domain member via the mmc certificates snapin. ... Windows 2003 Server are you able to access a share on the Certificate ...
    (microsoft.public.win2000.security)
  • Re: EAP-TLS with windows CE
    ... The AP was sending out an Identity Request every second, ... request to the identification server. ... When the server asks the Windows CE device to identify itself, ... I could easily steal your authentication information. ...
    (microsoft.public.windowsce.platbuilder)
  • Multiple Vulnerabilities in Sun-One Application Server
    ... Multiple Vulnerabilities in Sun-One Application Server ... on Windows 2000, SPI Labs discovered a number of vulnerabilities. ... the case of the file extension in the HTTP request. ...
    (Bugtraq)
  • [VulnWatch] Multiple Vulnerabilities in Sun-One Application Server
    ... Multiple Vulnerabilities in Sun-One Application Server ... on Windows 2000, SPI Labs discovered a number of vulnerabilities. ... the case of the file extension in the HTTP request. ...
    (VulnWatch)