Solved

Certificate Services

Posted on 2014-10-18
3
171 Views
Last Modified: 2014-10-18
Hi All

I'm setting up Certificate Services for internal use in our AD domain which has a parent / child domain structure. The parent domain contains only DC accounts. All clients and users are housed in the child domain. I have built an offline root CA without issue following a TechNet guide. The next thing I need to do is build the subordinate CA to issue the certificates - no issues with doing this but where do I place it ? Should it be in the parent domain or should it be in the child domain or do I need to build two subordinate CAs one in each domain ? Your advice will be greatly appreciated !
0
Comment
Question by:Karmez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 19

Accepted Solution

by:
Peter Hutchison earned 500 total points
ID: 40388645
It depends whether you want certificates for users or certificates for servers. If both then you need seperate CAs for each domain.
0
 

Author Comment

by:Karmez
ID: 40388658
Thanks Peter - I am going to need both so I will put subordinates in each domain.
0
 

Author Closing Comment

by:Karmez
ID: 40388660
Amazing how fast I got the answer I needed - thanks Peter
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question