Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ad-certificate-services]

Active Directory Certificate Services is a role first made available in Windows Server 2008. Previously it was known as certificate services.

Active Directory Certificate Services is a set of technologies from Microsoft that offer the ability to create a PKI infrastructure.

Active Directory Certificate Services specific documentation are collated at http://social.technet.microsoft.com/wiki/contents/articles/windows-pki-documentation-reference-and-library.aspx

242 questions
0
votes
1 answer

RDP and GPO setting Server Authentication certificate template (Microsoft Windows Server 2016)

We want to force Remote Desktop to use a certificate based on a particular named template rather than using a self-signed certificate. This works in forests with a Certificate Authority server, but not in forests that do not have their own CA…
Jon Pennycook
  • 3
  • 4
0
votes
1 answer

Unused ADCS for Server 2008 R2 Standard. What are the risks associated with removing this service?

I have inherited this system and I am looking at decommissioning this server 2008 R2 Domain Controller/ADCS Server. This role (ADCS) was never actively used by anyone. I believe, just because it was installed, that the member domain controllers…
darraisa
  • 5
  • 2
0
votes
1 answer

Autorenew not working when setting up key based renewal - Cep/CES

I am trying to configure Key Based renewal using WES to support autorenwal of certificates in workgroup computers and untrusted domains. I have configured CEP (Certificate Authenticatoin, Key Based Renewal) and CES (Certificate Authenticatoin, Key…
CryptoDan
  • 85
  • 7
0
votes
1 answer

One-way forest trust deployment for Microsoft CA

I am looking to deploy a multi-forest Microsoft CA between 2 domains (one-way trust) Domain A will be the resource forest while B will be the account forest (A trusts B but B doesn't trust A) Will there be any implications involved? I have done some…
ba zhang
  • 15
  • 3
0
votes
1 answer

Upgrading certificate template schema

I need to update one of my Active Directory Certificate Services (ADCS) certificate templates from schema v2 to v3, to support KSP providers. It seems that I can only do this by cloning the template (only then I get an option to select KSP). Is it…
StanTastic
  • 860
  • 1
  • 8
  • 25
0
votes
2 answers

Any issues that I should be prepared installing a Certificate in AD?

They are asking me to install a TLS Certificate in our Active Directory to make our Meraki routers work with AD. We currently have some services that use AD users, including a database. Will there be a problem if I install this certificate? Like…
Tirux
  • 3
  • 5
0
votes
2 answers

Windows Certificate Templates CSP certificate with Exportable Private Key

I recently created a certificate for a developer using a certificate template. The template was based from an existing one which I believe is based on CNG.I was able to export the private key, but the developer said that it needed to be CSP. After…
RLBChrisBriant
  • 595
  • 1
  • 7
  • 22
0
votes
1 answer

Windows AD CA Code Signing Cert Request for Wrong User

I am having an odd problem with a Code Signing certificate request from my Windows 10 workstation. We have a Windows Server 2012R2 CA setup with the Code Signing template and everything works fine if I do the request from another machine. But, if…
Caynadian
  • 442
  • 2
  • 10
  • 25
0
votes
1 answer

MMC > Certificates > Other computers: Which firewall ports used for this?

I am having a windows firewall issue when trying to access the Certificate Store from another computer on the same domain using MMC or PowerShell. I am logged in as a domain admin. Both servers are windows server 2019. If I disable windows firewall…
Tony
  • 101
  • 3
0
votes
1 answer

Publish certificate in Active Directory not working as intended

I have an AD forest and one CA server. In the certificate template I have "Publish certificate in Active Directory" checkbox checked. Also in the template, the Subject Name option is set to "Supply in the request". The certificates for all users is…
ramtech
  • 133
  • 4
0
votes
1 answer

LDAPS 636 Works on Domain Controllers except Azure Domain Controller

I have a Domain Controller (Server 2016) in Azure. The Azure network this system is on is connected via a Virtual network gateway (VPN) to the on-prem network and the network engineers have configured this network to be trusted and thus is inside…
227Passive
  • 1
0
votes
0 answers

ADCS Change AIA information from existing certificate

We have built a tier 2 PKI. Recently we decided to start hosting our CDP & AIA on a seperate webserver. However this was not originally in the design, so now we have problems with the certificate chain as the webserver is included on the Root…
kevin rennenberg
  • 73
  • 1
  • 13
0
votes
0 answers

Decommission Active Directory Certificate Services server: side effects

I have a private domain to which I later added AD CS, NPS, RRAS and setup SSTP VPN access. I used AD CS to create a certificate for the SSTP connection and DynDNS to get me in from outside. Everything has worked fine for years. I would now like…
Kevin
  • 1
0
votes
0 answers

Unable to renew Certificate on Windows 10 in domain

I'm trying to renew my computer certificates on a in domain laptop but I get "RPC Server is unavailable", error code 1722. On other laptops the same procedure works. What can I do? I've opened mmc and then "Personal-All Tasks->Request new…
Manuel Castro
  • 101
  • 1
-1
votes
1 answer

Unable to renew certificate in certmgr.msc in windows 2003

I am trying to renew a certificate using CertManager on Windows 2003 Server. (I have also used the certificate plug-in in MMC but its the same thing.) I am logged in with the Administrator account. When I select any of my Personal certificates and…
VicF
  • 1
  • 1
  • 2
1 2 3
16
17