Re: Certificate for VPN Client has expired (Computer Certificate)

"=?Utf-8?B?RXJpayBIZWxnZXJ1ZA==?="
<ErikHelgerud@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
news:0B622C09-78D0-43F8-AEA6-0A250D0FD207@xxxxxxxxxxxxx:

> Autoenrollment is used. So when users are connected to LAN everything
> works as it should. BUT my problem is that they only connects via RAS
> server or VPN, and then certificates are not updated.
>
> I need a possibility to renew the certificate - when users are
> connected by their usual way - not a solution too have them all
> connected to LAN.
>
>snip<

I am discussing this with the certificates team. Thus far the advice I have
received for you is as follows:

"The VPN process doesn't force the CSE to run, you could use Secedit to
update the machine policy in a script. This will of course only
renew/enroll computer certs as W2K only supports ACRS (computer certs)."

I've requested additional information, and if I receive any I will post it
here. If the situation is urgent you can call Product Support Services.


--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no rights.
.

Relevant Pages

  • Re: Certificate for VPN Client has expired (Computer Certificate)
    ... >> Autoenrollment is used. ... So when users are connected to LAN everything ... and then certificates are not updated. ... > renew/enroll computer certs as W2K only supports ACRS (computer ...
    (microsoft.public.windowsxp.network_web)
  • Re: Choosing which way to secure WLANs (IAS, WPA and certs or passwd)
    ... certificates demands a PKI infrastructure whether this be an internal MS ... The idea behind certificates is that client A trusts client B certificate ... authenticated to the LAN is passed via IAS, as long as the computer account ... the computer would be allowed to authenticated and logon to the wireless ...
    (microsoft.public.windows.server.networking)
  • Re: SBS RWW, Exchange and a vpn
    ... Locking down RWW and OWA to some extent is preferable. ... I will see what i can find on implementing certificates via the Server, but if i recall, the workstation in question has to be attached to the LAN at least initially for this to happen. ... Restart of IIS is not necessary. ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN, IPsec, and certificates question
    ... I keep getting this error when copying the certificates from one client to ... You can use Web Enrollment to allow users not on the lan to request ... > certificates on the lan to distribute to remote users though I would not ...
    (microsoft.public.windows.server.security)