Re: User certificate question (no AD installed)

From: Steven L Umbach (n9rou_at_nscomcast.net)
Date: 04/24/04

Next message: John: "Re: Network Deleted file"
Previous message: Steven L Umbach: "Re: Adding a PC to the Domain"
In reply to: Alvaro: "User certificate question (no AD installed)"
Messages sorted by: [ date ] [ thread ]

Date: Sat, 24 Apr 2004 02:31:03 GMT

I have not had much experience with stand alone CA, but try advanced
requests which should give you the option for client authentication which
may work. --- Steve

"Alvaro" <alvaromotta@hotmail.com> wrote in message
news:D1D94CD2-FDB3-4E64-AAC9-BAC5DBE0AF67@microsoft.com...
> This message was originally posted at the Win2k RAS Routing group
> We have the following:
> Win2k3 Enterprise as Stand-alone CA, RRAS configured with L2TP ports RAS
only and this box is a member server of an NT 4.0 domain structure (no AD
installed).
>
> We are able to use the VPN with computer certificates without problems,
but in order to improve security, we would like to use USER certificates
instead. When opening the page to request a certificate, the only options
are: web browser cert, e-mail cert and adv cert request. There's no user
certificate option.
>
> We have searched the net to try to find a solution, but almost all of the
environments involves AD and ISA server. Most of the articles from TacTeam.
>
> Is there a way to use, in an environment like ours, user certificates?
>
> From the Win2K RAS Routing group I had the following answer:
>
> " You need to change the setup of the CA to be able to issue the user
certs
> for authentication "
>
> The problem is that I don't know how to change this particular setting. I
even tried reinstalling the CA, but at any moment during the installation
process, I was able to tell where I could instruct the server to issue user
certs.
>
> Does anyone out there knows if we have all the pieces in place or it lacks
an ISA server, a RADIUS,.... Chances are we are not going to install AD in
the near future.

Next message: John: "Re: Network Deleted file"
Previous message: Steven L Umbach: "Re: Adding a PC to the Domain"
In reply to: Alvaro: "User certificate question (no AD installed)"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: ONS and 50 year rule
... I have just noted from the RFC User Group minutes and the GRO website that ... order indexes and certificates. ... the request for a full DOB and parents names for one of these. ... stated of course that I didn't know, hence my need for the cert. ...
(soc.genealogy.britain)
Re: Cannot get ISA to recognize loaded certificates
... go to the ISA Server Guidance page ... see the document "Digital Certificates". ... For the self created I imported the web cert to the personal ... > folder and the CA cert to the Trusted Root Folder. ...
(microsoft.public.isa.publishing)
Cannot get ISA to recognize loaded certificates
... I simply cannot get my ISA server to recognize certificates added to the ... For the self created I imported the web cert to the personal ... folder and the CA cert to the Trusted Root Folder. ...
(microsoft.public.isa.publishing)
Re: New to ISA 2004 & Secure Web Publishing
... Start with the document "Publishing Web ... It refers to a general document on certificates in ISA Server. ... We also installed a cert. ...
(microsoft.public.isa.publishing)
Re: Unable to install Godaddy cert on SBS R2 Standard box
... I recently bought a ten year Turbo SSL cert, but I want to rebuild my server ... "Please create a new request,and request for a new certificate from ... Godaddy(issue a new certificate),then install the new certificate. ...
(microsoft.public.windows.server.sbs)