Microsoft
Software
Hardware
Network
Question : Custom Template not listed on the Certification Authority 's Enable Certificate Templates
Hi ppl:
I'm having a bit of a problem with my Enterprise Certification Authority(CA). I was following the instructions found on:
http://www.isaserver.org/i
mg/upl/vpn
kitbeta2/a
utoenroll.
htm
but I'm stuck on the part where I'm going to add the newly created template to the Certification Authority. When I do the "Certificate Template to issue" command that brings up the Enable Certificate Template dialog, the template is not there. I read that time must be allowed for the object to replicate through AD, I gave the server about 9 hours for it to replicate and still wasn't there. I also checked the domain replication with the ADSIEdit MMC Snap-in on the three DC's and the template was replicated as supposed. All DC's are Windows 2003 Server Standard Edition.
Pleaseeeeee?
Thanks,
Virgilio
Answer : Custom Template not listed on the Certification Authority 's Enable Certificate Templates
Whew is right... the documentation is a circus. Unless the whew was meant for me. :-)
Basically the article from isasserver.org is walking you through configuring the certificate for autoenrollment. The problem is that 2003 Standard CA only supports v1 certs, and v1 certs do NOT support autoenrollment. Autoenrollment and autorenewal are new features of 2003, it wasn't possible to autoenroll user certificates in 2000 server, only computer and EFS.
Where the isaserver.org article fails in my opinion is that they do not tell you that what they are doing is only supported on Enterprise.
There is no way that I'm aware of to duplicate a v1 template in 2003 Standard and keep it at v1. It's a pain but you will probably just have to manually issue certs for L2TP/IPSec.
Check out this link for more reading on v1 and v2 certs and 2003 Standard vs. Enterprise.
http://www.microsoft.com/r
esources/d
ocumentati
on/Windows
Serv/
2003/
standard/p
roddocs/en
-us/Defaul
t.asp?url=
/resources
/
documenta
tion/Windo
wsServ/200
3/standard
/proddocs/
en-us/
ctco
n_concepts
_using.asp
Random Solutions
How to redirect based on IP address
how to protect my live tv streaming
How can I modify a batch script backup tool (using xcopy), to pull a list of drive paths from a file?
Exchange 2003 will not send/receive
Mapping Drives
Weird Situation
Sybase max table and column name length
Admin Script with a bit of Altiris
DFS and PreExisting Data how to I merge them?
Microsoft, Remote Desktop Access, Win XP Pro, Quit working for no known reason
