Re: CA - Certificate Authority for Authentication?



Hi,

Yes, you can use a CA to deploy user certificates in combination with e.g.
smart cards and then only allow (remote) logons to servers using these smart
cards...

Here are some white papers on how to set up a CA server.

Here are some articles on how to set up Microsoft CA and how to deploy
certificates to users.

Best Practices for Implementing a Microsoft Windows Server 2003 Public Key
Infrastructure
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws3pkibp.mspx

Implementing and Administering Certificate Templates in Windows Server 2003
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws03crtm.mspx

PKI Enhancements in Windows XP Professional and Windows Server 2003
http://www.microsoft.com/technet/prodtechnol/winxppro/plan/pkienh.mspx

Windows Server 2003 PKI Operations Guide
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws03pkog.mspx

Managing a Windows Server 2003 Public Key Infrastructure
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/mngpki.mspx

Advanced Certificate Enrollment and Management
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/advcert.mspx

You can use smart cards for remote logons to the domain, terminal servers, VPN,
web servers, etc.
You can also use certificates stored on the local hard drive to log on to web
servers.

I hope this helps you out. Feel free to post back with any additional
questions.

--
Mike
Microsoft MVP - Windows Security

"'puter-rooter" <puterrooter@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CD760703-17DB-4E6A-A6E0-F971D8DC4FBF@xxxxxxxxxxxxxxxx
Can a CA be used to authenticate remote users?
Specifically, can a user be set up to have / use a certificate in order to
gain access to a remote network?

My understanding is that you could use a corporate CA to generate a
certificate, and use the certificate as part of a Token / Smart Card /
other form of authentication.

If this is possible, can someone point me to some site that will give more
information / or outline the procedure?

I've been told that it can be done, and that it can't be done (CAs aren't
used for this kind of purpose)... I think it can be - but want to know for
sure.

Thanks in advance!
Mike H.

