[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

How can I remove the field 'include e-mail address from a template' on a Windows Server 2012 R2 CA ?

Posted on 2014-12-09
2
Medium Priority
?
182 Views
Last Modified: 2014-12-15
I am using a Windows Server 2012 R2 subordinate CA in my enterprise.  Some certificates failed which I discovered to be caused by the active template check box "Include e-mail address - Yes".  Simply deleting the issued certificate template, and creating another does not clear the issue.

Creating the file CAPolicy.inf as shown below, followed by a reboot also does not clear the problem.

[Version]
Signature="$Windows NT$"
[Certsrv_Server]
LoadDefaultTemplates=0

Any assistance would be appreciated.  Thank you.
0
Comment
Question by:LukeMo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Mahesh earned 1500 total points
ID: 40492101
Some certificates template require custom request such as web server template

Some certificate do require that certificate subject to be generated from AD attribute automatically such as user and workstation authentication

Now if you have duplicated templates which do not require automated information from AD such as Web Server and if you force them to supply info from AD, they will get fail most probably

U can check default certificates in CA snap-ins to identify if certificate requires custom information or it will built from AD

Also for those templates where email is required to build certificate subject, email address must exists in user properties or else request will fail
http://technet.microsoft.com/en-us/library/cc725621(v=ws.10).aspx
0
 
LVL 1

Author Closing Comment

by:LukeMo
ID: 40500803
the link you provided helped quite a bit.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
What we learned in Webroot's webinar on multi-vector protection.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question