RE: CA 2003 Enteprise

[Tim Evans]

You can request any kind of certificate from the CA that you have the correct 
permissions to request. The ones you are allowed to request are shown in the 
template drop down in the web interface. If the one you need isn't shown there, 
you'll have to adjust the permissions on that template on CA server.

Some certificates can be user or computer based, like the default web server 
cert. If the template can be used as a computer cert, you'll see further down 
on the page you'll see a check box for "Store certificate in the local computer 
certificate store". I don't know what this will do on a Mac - you may need to 
download the cert, save it to the local drive, and then run whatever import 
wizard they have on the Mac.

...Tim


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Monday, November 03, 2008 7:35 AM
> To: NT System Admin Issues
> Subject: CA 2003 Enteprise
> 
> This has me baffled.
> 
> I have a Windows 2003 Enterprise server running as a CA.  I need to
> find a
> way to setup computer based certificates on non-XP machine (Mac OS
> 10.5).
> 
> I cannot seem to figure out how to create machine certificates properly
> or
> even request them.
> 
> I've been able to get XP machines (that are part of the domain) a
> computer
> certificate through group policy and auto enrollment.  However, I'm not
> sure how to manually request a computer based certificate.  Going
> through
> the web interface (http://ip-addr/certsrv) does not allow you to
> request a
> computer based cert.
> 
> Does anyone know how to (or has anyone successfully done this) setup a
> computer based certificate on a computer on a non-XP box to a Win 2k3
> Enterprise CA?
> 
> Reading the MS whitepages on CA makes my head spin.
> 
> JR
> 
> 
> mail2web.com - Microsoft(r) Exchange solutions from a leading provider -
> http://link.mail2web.com/Business/Exchange
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: CA 2003 Enteprise

[Troy Meyer]

Jesse,

You can request a computer certificate from the web enrollment page, but you 
need to click advanced request and submit a request via file.  So the hard part 
is completing a certificate request on your Macintosh to generate the file and 
then completing the request after Windows issues the certificate.

I have never done this, but the first place to explore would be the OSX command 
line tool certtool.  There may be easier ways, but I haven't used them :)

Troy


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2008 7:35 AM
To: NT System Admin Issues
Subject: CA 2003 Enteprise

This has me baffled.

I have a Windows 2003 Enterprise server running as a CA.  I need to find a
way to setup computer based certificates on non-XP machine (Mac OS 10.5).

I cannot seem to figure out how to create machine certificates properly or
even request them.

I've been able to get XP machines (that are part of the domain) a computer
certificate through group policy and auto enrollment.  However, I'm not
sure how to manually request a computer based certificate.  Going through
the web interface (http://ip-addr/certsrv) does not allow you to request a
computer based cert.

Does anyone know how to (or has anyone successfully done this) setup a
computer based certificate on a computer on a non-XP box to a Win 2k3
Enterprise CA?

Reading the MS whitepages on CA makes my head spin.

JR


mail2web.com - Microsoft(r) Exchange solutions from a leading provider -
http://link.mail2web.com/Business/Exchange



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~