Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ad-certificate-services]

Active Directory Certificate Services is a role first made available in Windows Server 2008. Previously it was known as certificate services.

Active Directory Certificate Services is a set of technologies from Microsoft that offer the ability to create a PKI infrastructure.

Active Directory Certificate Services specific documentation are collated at http://social.technet.microsoft.com/wiki/contents/articles/windows-pki-documentation-reference-and-library.aspx

242 questions
0
votes
0 answers

Special considerations for a new Certificate Authority with multiple UPN suffices?

Our AD domain is foo.com, NetBIOS FOO_D1. A previous employee added a second UPN suffix, bar.com. Our corporate identity now revolves around bar.com, such that it is used in everyone's email address. All new users get a UPN with the bar.com suffix.…
Drew Lanclos
  • 188
  • 1
  • 11
0
votes
1 answer

Add additional information to auto-enrolled certificates (Windows Active Directory CA)

I successfully enabled auto-enrollment for client computer certificates within our Active Directory domain. However, I want to include additional details in the auto-enrolled certificate such as the organizational unit (OU) the client computer is…
lightxx
  • 197
  • 1
  • 2
  • 9
0
votes
1 answer

Find out which certificates cause a certificate revocation list check

In the course of migrating our internal CA we first the old server up and running in order to allow clients to download the CRl from the URL hardcoded in already issued certificates. Meanwhile the old server has been removed completely and there is…
Hagen von Eitzen
  • 824
  • 3
  • 17
  • 43
0
votes
1 answer

Windows 2008 Cert Authority only issuing certificates for 10 days

I am trying to get a certificate for my Remote Desktop server on my AD. When I submit the request through the Certificate Authority snap in it generates a certificate that is only valid for a few days how can I modify this. The template that it is…
Jorge Fernandez
  • 143
  • 6
0
votes
0 answers

Windows Server 2008R2 Certificate Services will not start Error Code 0x80090011 (-2146893807)

For no apparent reason that I can find our server 2008 r2 server, which is our ca service has stopped. I have tried to restart it, but when I do, it says object not found. When I check the event viewer, this shows tha"Active Directory Certificate…
Andy5
  • 145
  • 1
  • 3
  • 10
0
votes
2 answers

How to Configure Windows Certificate Services not to use AIA and CRL when issuing Certificates

I have a Windows Certificate Service installed on a Windows Server 2008 R2 VM, and what I need to do is to modify certificates NOT to use AIA and CRL, but to ONLY use OCSP Responder. The OCSP is installed on another VM also running Windows Server…
Andy5
  • 145
  • 1
  • 3
  • 10
0
votes
1 answer

Windows 2008 Web Enrollment Fails The RPC server is unavailable. 0x800706ba (WIN32: 1722)

I am setting up an RA and a Subordinate CA who is also an AD. I can issue certs through certutil and the mmc snap-in with no problem. But when I try using Web Enrollment in the RA, it fails saying "The RPC server is unavailable. 0x800706ba (WIN32:…
JuanKB1024
  • 133
  • 1
  • 2
  • 7
0
votes
2 answers

What is the impact of upgrading Windows 2008 R2 Standard to Enterprise?

I have a Windows Server 2003 domain controller, a Windows Server 2008 R2 Standard domain controller, and a Windows Server 2012 domain controller. I am looking to upgrade the 2008 R2 Standard DC to Enterprise. My question, is what impact may it have…
tekuser
  • 19
  • 1
  • 2
0
votes
1 answer

Windows Server Certificates external domain

recently setup certificate services on a windows server 2008 internal network. I setup certificate services, generated the certificate, put it in the domain's trusted certificate folder and applied the certificate as a group policy for computer >…
Dimitri Shukuroglou
  • 141
  • 1
  • 4
0
votes
1 answer

Exchange Server 2013 has dependency on old PDC

I am in the process of completely upgrading a Exchange 2007 system running on server 2008 R2 Hyper-V VMs hosted on a Exchange 2008 R2 domain controller. It had all the FSMO roles on it, and it was the PDC Emulator. I have successfully upgraded my…
Charles Bretana
  • 235
  • 5
  • 17
0
votes
1 answer

Win2008 SRV Certutil csv option not present

I have an Enterprise Certificate Authority running well. I am attempting to automate some monitoring tasks using batch files and the certutil.exe command. After reading the documentation at: certutil and there is an option [csv] to export the…
JuanKB1024
  • 133
  • 1
  • 2
  • 7
0
votes
1 answer

Auto-enrollment certificate without enroll permission

I am Domain Admin of a company. We implement Active Directory Certificate Services in our company for email signature and encryption. Because we have more than 1000 users in our company, we want to enable auto-enrollment on User certificate template…
Hojjat Jashnniloofar
  • 1
  • 1
0
votes
1 answer

Windows 2003 AD Certificate services failed on primary DC?

Cert services show error: Event ID: 5 Description: Certificate Services could not find required registry information. The Certificate Services may need to be reinstalled. I have manualy removed CA from server following instructions:…
user2344423
  • 3
  • 2
0
votes
1 answer

ADFS 2.0: send issuer of user certificate as claim

Using ADFS 2.0, I would like to send to a relying party information about the issuer of the user certificate, if a user authenticated using an x509 certificate. Is this possible? How should I configure the claim description and the claim rule?
Paolo Tedesco
  • 1,296
  • 7
  • 16
  • 23
0
votes
1 answer

AD Certificate Templates does not appear

I'm following what should be simple instructions to enable LDAP SSL on our domain controller (instructions here). Duplicating the Kerberos certificate is successful however, when attempting to select "Certificate Template to Issue", the created…
Sean
  • 313
  • 2
  • 8
  • 19
1 2 3
16 17