Solved

How can I remove the field 'include e-mail address from a template' on a Windows Server 2012 R2 CA ?

Posted on 2014-12-09
2
175 Views
Last Modified: 2014-12-15
I am using a Windows Server 2012 R2 subordinate CA in my enterprise.  Some certificates failed which I discovered to be caused by the active template check box "Include e-mail address - Yes".  Simply deleting the issued certificate template, and creating another does not clear the issue.

Creating the file CAPolicy.inf as shown below, followed by a reboot also does not clear the problem.

[Version]
Signature="$Windows NT$"
[Certsrv_Server]
LoadDefaultTemplates=0

Any assistance would be appreciated.  Thank you.
0
Comment
Question by:LukeMo
2 Comments
 
LVL 36

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40492101
Some certificates template require custom request such as web server template

Some certificate do require that certificate subject to be generated from AD attribute automatically such as user and workstation authentication

Now if you have duplicated templates which do not require automated information from AD such as Web Server and if you force them to supply info from AD, they will get fail most probably

U can check default certificates in CA snap-ins to identify if certificate requires custom information or it will built from AD

Also for those templates where email is required to build certificate subject, email address must exists in user properties or else request will fail
http://technet.microsoft.com/en-us/library/cc725621(v=ws.10).aspx
0
 
LVL 1

Author Closing Comment

by:LukeMo
ID: 40500803
the link you provided helped quite a bit.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Beyond Tools A conversation I recently had with the DevOps manager of a major online retailer really made me think about DevOps monitoring tools (https://www.onpage.com/devops-incident-management-tool/). The manager and I discussed how sever…
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question