Enterprise CA and AD


Carson Saunders

I know that an Enterprise CA requires Active Directory and I have read that
a certificate can only be issued to a user that has an entry in the Active
Directory. My question concerns the meaning of the word "entry". Does
this mean that the user in question must have a "User" account? Or do they
just need to have an entry, meaning they don't have an entry in the AD for
the "User" class but rather an entry for some other class, possibly one
created by extending the schema? Does this make sense? If more
information is needed, please ask.

Thanks
 
I believe the document you read is referring to an Access Control Entry,
which is a security principal such as a user or group account. Active
Directory uses an Access Control List (ACL), which is comprised of a
collection of Access Control Entries (ACEs), to determine who has what
permissions to certificate templates.

David Pharr, (e-mail address removed)

This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Newsgroups: microsoft.public.win2000.active_directory
| Subject: Enterprise CA and AD
| From: Carson Saunders <[email protected]>
| Date: Wed, 31 Mar 2004 14:23:19 GMT
|
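An added example, not part of the original thread or the posters' own code: the reply above says the ACL on a certificate template decides who has which permissions. This Python code reads the SDDL form of a template's security descriptor and lists the trustees (user or group) whose ACEs allow or deny enrollment. The SDDL string and the S-1-5-21 SIDs are constructed sample data; the two GUIDs are the schema's Certificate-Enrollment and Certificate-AutoEnrollment extended rights.

```python
import re

# Extended-right GUIDs defined in the AD schema for certificate enrollment.
ENROLL = "0e10c968-78fb-11d2-90d4-00c04f79dc55"       # Certificate-Enrollment
AUTOENROLL = "a05b8cc2-17bc-4802-a710-e7c15ab866a2"   # Certificate-AutoEnrollment

# Constructed sample: SDDL form of a template's nTSecurityDescriptor.
# The S-1-5-21-... SIDs are made up; DA/EA/AU are standard SDDL aliases.
SAMPLE_SDDL = (
    "O:EAG:EAD:PAI"
    "(OA;;CR;0e10c968-78fb-11d2-90d4-00c04f79dc55;;DA)"
    "(OA;;CR;0e10c968-78fb-11d2-90d4-00c04f79dc55;;S-1-5-21-1111-2222-3333-1105)"
    "(OA;;CR;a05b8cc2-17bc-4802-a710-e7c15ab866a2;;S-1-5-21-1111-2222-3333-1105)"
    "(OD;;CR;0e10c968-78fb-11d2-90d4-00c04f79dc55;;S-1-5-21-1111-2222-3333-1106)"
    "(A;;RPWPCRLCLORCWDWO;;;EA)"
    "(A;;RPLCLORC;;;AU)"
)

def has_control_access(rights):
    """True if the rights field carries CR (control access) or GA (generic all)."""
    if rights.lower().startswith("0x"):              # numeric access mask
        return bool(int(rights, 16) & (0x100 | 0x10000000))
    tokens = {rights[i:i + 2] for i in range(0, len(rights), 2)}
    return bool(tokens & {"CR", "GA"})

def enrollment_aces(sddl):
    """Return (effect, right, trustee) for each DACL ACE touching enrollment."""
    dacl = sddl.split("D:", 1)[1].split("S:", 1)[0]
    found = []
    for ace in re.findall(r"\(([^)]*)\)", dacl):
        ace_type, _flags, rights, obj, _inherit, trustee = ace.split(";")[:6]
        if ace_type not in ("A", "OA", "D", "OD") or not has_control_access(rights):
            continue
        effect = "allow" if ace_type in ("A", "OA") else "deny"
        obj = obj.lower()
        if obj == "":                                # no GUID: all extended rights
            found.append((effect, "all-extended-rights", trustee))
        elif obj == ENROLL:
            found.append((effect, "enroll", trustee))
        elif obj == AUTOENROLL:
            found.append((effect, "autoenroll", trustee))
    return found

if __name__ == "__main__":
    for effect, right, trustee in enrollment_aces(SAMPLE_SDDL):
        print(f"{effect:5} {right:20} {trustee}")
```

Read-only Authenticated Users (`AU`) does not appear in the output because its ACE carries no control-access right, while the `EA` ACE is reported because `CR` with no object GUID covers every extended right, enrollment included.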
 
