AblSysadmin
asked on
ROOT CA To Be Generated From AD
We require to generate a certificate in AD for the LDAPS. We will then need to import the generated cert into the cert store on a particular server.
As well will need to deploy certs to desktops and other servers. What issues can we expect?
I have viewed the following article, http://technet.microsoft.com/en-us/library/cc772393%28WS.10%29.aspx. Do we just follow the "To set up an enterprise root CA" procedure?
As well will need to deploy certs to desktops and other servers. What issues can we expect?
I have viewed the following article, http://technet.microsoft.com/en-us/library/cc772393%28WS.10%29.aspx. Do we just follow the "To set up an enterprise root CA" procedure?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
this is also usefull: http://technet.microsoft.com/en-us/library/cc875810.aspx
ASKER
Hi, checked all that you requested. Pretty straight forward to install the root CA. Note that all that is required is to enable SSL on AD. Will the installation of the root ca affect anything or?
the installation of the CA won't affect anything. CA will bring new features and capabilities on your network but shouldn't break anything.
ASKER
Thanks for the quick reply. Will this enable SSL/LDAP automatically?
You can review this
- http://support.microsoft.com/kb/321051/en-us
- https://www.experts-exchange.com/questions/23224559/Configure-LDAPS-on-2003-Active-Directory.html
Yes this will start automatically LDAPS
- http://support.microsoft.com/kb/321051/en-us
- https://www.experts-exchange.com/questions/23224559/Configure-LDAPS-on-2003-Active-Directory.html
Yes this will start automatically LDAPS
ASKER
Hi, i created a copy DC and installed CA without any issues. LDAPs is enabled. But now if i try to join the domain (test DC) from an test workstation i am unable to join the domain using NetBIOS? FQDN domain works 100% but NetBIOS name fails. will this influence the netbios authentication as well? Thinking of domain authentication being used in services like SQL services start-ups
ASKER
solution found. going to implement CA