Solved

Certificate Services

Posted on 2014-10-18
3
148 Views
Last Modified: 2014-10-18
Hi All

I'm setting up Certificate Services for internal use in our AD domain which has a parent / child domain structure. The parent domain contains only DC accounts. All clients and users are housed in the child domain. I have built an offline root CA without issue following a TechNet guide. The next thing I need to do is build the subordinate CA to issue the certificates - no issues with doing this but where do I place it ? Should it be in the parent domain or should it be in the child domain or do I need to build two subordinate CAs one in each domain ? Your advice will be greatly appreciated !
0
Comment
Question by:Karmez
  • 2
3 Comments
 
LVL 19

Accepted Solution

by:
Peter Hutchison earned 500 total points
ID: 40388645
It depends whether you want certificates for users or certificates for servers. If both then you need seperate CAs for each domain.
0
 

Author Comment

by:Karmez
ID: 40388658
Thanks Peter - I am going to need both so I will put subordinates in each domain.
0
 

Author Closing Comment

by:Karmez
ID: 40388660
Amazing how fast I got the answer I needed - thanks Peter
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
How important is it to take extra precautions to protect your online business? These are some steps you can take to make sure you're free of any cyber crime.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now