AKA
asked on
Cross forest Certificate
Could someone please help with the below scenario:
We have an existing forest a.corp.com with a running CA. We have have created one another forest (business purpose) b.corp.com and installed new CA. Created forest trust between the forests.
We have installed a new SCCM infra in the new forest b.corp.com. Now we want to manage clients in the forest a.corp.com with the configuration manager client certificate issued from the b.corp.com forest.
We have seen the MS article AD CS: Deploying Cross-forest Certificate Enrollment, but we don't want to perform all the steps mentioned here like consolidation of certificates. We just want to get the configuration manager client certificate in the remote forest a.corp.com clients. Could you advise the best method to configure this without making issues in our current CA (note - we already have forest trust between the forests).
AKay
We have an existing forest a.corp.com with a running CA. We have have created one another forest (business purpose) b.corp.com and installed new CA. Created forest trust between the forests.
We have installed a new SCCM infra in the new forest b.corp.com. Now we want to manage clients in the forest a.corp.com with the configuration manager client certificate issued from the b.corp.com forest.
We have seen the MS article AD CS: Deploying Cross-forest Certificate Enrollment, but we don't want to perform all the steps mentioned here like consolidation of certificates. We just want to get the configuration manager client certificate in the remote forest a.corp.com clients. Could you advise the best method to configure this without making issues in our current CA (note - we already have forest trust between the forests).
AKay
Shaun Vermaak
Can you not just add the root as trusted?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.