Re: What to do with certificates when profile is deleted/recreated?
From: David Cross [MS] (dcross_at_online.microsoft.com)
Date: 12/09/04
- Next message: lmpbas: "how to restrict dhcp to authenticate domain users ?"
- Previous message: Jacques Koorts: "Re: Is it possible to secure replication?"
- In reply to: Stephen Woolhead: "Re: What to do with certificates when profile is deleted/recreated?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 9 Dec 2004 05:25:27 -0800
Understood and we are working on alternate solutions.
-- David B. Cross [MS] -- This posting is provided "AS IS" with no warranties, and confers no rights. Top Whitepapers: Auto-enrollment whitepaper: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/autoenro.mspx Best Practices for implementing Windows Server 2003 PKI: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws3pkibp.mspx Troubleshooting Certificate Status and Revocation whitepaper: http://www.microsoft.com/technet/security/topics/crypto/tshtcrl.mspx Windows Server 2003 web enrollment and troubleshooting guide: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/webenroll.mspx Windows Server 2003 web enrollment and troubleshooting guide: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/webenroll.mspx "Stephen Woolhead" <stephen@perfectphase.com> wrote in message news:eCclCWS3EHA.2608@TK2MSFTNGP10.phx.gbl... > Just like to add that I have the same problem. I would like auto > enrolment to not only check if a certificate for a template already exists > in AD, but to copy it locally if it does. This seems such an obvious > thing to me I can't under stand why it was not implemented, or have I > missed something? > > We do not have smartcards or roaming profiles which seems to leave us with > manually importing certificates via the MMC or issuing duplicates. > > Stephen > > "David Cross [MS]" <dcross@online.microsoft.com> wrote in message > news:OpqTIni0EHA.3704@tk2msftngp13.phx.gbl... >> You essentially have two options today: >> >> 1. roaming user profiles >> 2. smartcards >> >> We understand that you are looking for other options and are working hard >> to provide additional options in the future. >> >> -- >> David B. Cross [MS] >> -- >> This posting is provided "AS IS" with no warranties, and confers no >> rights. >> >> Top Whitepapers: >> >> Auto-enrollment whitepaper: >> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/autoenro.mspx >> Best Practices for implementing Windows Server 2003 PKI: >> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws3pkibp.mspx >> Troubleshooting Certificate Status and Revocation whitepaper: >> http://www.microsoft.com/technet/security/topics/crypto/tshtcrl.mspx >> Windows Server 2003 web enrollment and troubleshooting guide: >> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/webenroll.mspx >> Windows Server 2003 web enrollment and troubleshooting guide: >> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/webenroll.mspx >> >> "Remco de Groot" <me@Xrdegroot.net> wrote in message >> news:urvwbgb0EHA.1924@TK2MSFTNGP10.phx.gbl... >>>I have an environment with Win2K3 and XP. I have it configured for >>> auto-enrollment which works fine. But: >>> It often happens that a user uses a different machine. Since roaming >>> profiles will not be implemented for some time, a new profile for the >>> user. >>> This new profile does not contain the earlier enrolled certificate. >>> How should I deal with this situation so the user gets his certificate >>> again. As said, roaming profiles are not an option (yet) further more I >>> want >>> to minimize the user interaction as much as possible. >>> >>> Thanx for any input on this. >>> >>> Remco >>> >>> >>> >>> >>> >> >> > >
- Next message: lmpbas: "how to restrict dhcp to authenticate domain users ?"
- Previous message: Jacques Koorts: "Re: Is it possible to secure replication?"
- In reply to: Stephen Woolhead: "Re: What to do with certificates when profile is deleted/recreated?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
Loading
