Presentation is loading. Please wait.

Presentation is loading. Please wait.

16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure."— Presentation transcript:

1 16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Introduce the Public Key Infrastructure  Understand the core components of a Public Key Infrastructure  Implement a Stand-alone Certification Authority  Use Web Enrollment services  View certificates  Implement an Enterprise CA  Use automatic enrollment to enroll user certificates  Use automatic enrollment to enroll computer certificates Goals

2 16.2 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Public Key Infrastructure (PKI) is a set of services that supports the use of cryptography  Cryptography is the art of hiding information while it is stored or in transit  Processes involved in cryptography  Encryption is the process of converting clear text into cipher text  Decryption is the process of converting encrypted text back to clear text Introducing the Public Key Infrastructure (Skill 1)

3 16.3 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Public key cryptography  An encryption method used in PKI implementations  Secures data transmissions over networks that are not trusted, such as the Internet Introducing the Public Key Infrastructure (2) (Skill 1)

4 16.4 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Secret key cryptography  Involves sharing a private or secret key between two individuals who are involved in a communication session  If any one of them loses or makes the secret key available to someone outside of the group, data security is compromised Introducing the Public Key Infrastructure (3) (Skill 1)

5 16.5 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Public key cryptography  Uses a pair of keys for encryption: one public key and one private key  The public key is mathematically related to the private key  When either of the keys is used to encrypt a message, the other key can be used to decrypt it  When you use a key pair, only the owner has possession of the private key Introducing the Public Key Infrastructure (4) (Skill 1)

6 16.6 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-1 Secret versus Public Key Cryptography (Skill 1)

7 16.7 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Public key authentication  The private key is used to create a digital signature that binds the sender’s identity to the data that is transmitted  The public key is used to decrypt the digital signature on the receiving end Introducing the Public Key Infrastructure (5) (Skill 1)

8 16.8 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Certification Authorities (CAs)  To obtain a pair of keys, the CA must be contacted and you must present some form of proof of identity  In the public key cryptography system, this provides a foundation of a certain level of trust Introducing the Public Key Infrastructure (6) (Skill 1)

9 16.9 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-2 Certificate Analogy (Skill 1)

10 16.10 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Core components of a PKI  Public/private keys  Digital certificates  Certification Authorities (CAs) Understanding the Core Components of a Public Key Infrastructure (PKI) (Skill 2)

11 16.11 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Public/private keys  Used to encrypt and decrypt information  Provide digital signing and authentication capabilities Understanding the Core Components of a Public Key Infrastructure (PKI) (2) (Skill 2)

12 16.12 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Digital certificates  Verify the identity of a user, computer, or service, by matching the public and private key pair  Give rights and permissions to their holders to ensure security of communications Understanding the Core Components of a Public Key Infrastructure (PKI) (3) (Skill 2)

13 16.13 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Certification Authorities (CAs)  Verify information submitted by an entity  Release the digital certificates after validating the data  Vouch for the authenticity of the public keys that belong to users, computers, and/or other CAs Understanding the Core Components of a Public Key Infrastructure (PKI) (4) (Skill 2)

14 16.14 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Certificate Services  Used in Windows Server 2003 to host a CA hierarchy  Two types of CAs  Enterprise CA  Stand-alone CA  In each category, either a Root CA or Subordinate CA is implemented Understanding the Core Components of a Public Key Infrastructure (PKI) (5) (Skill 2)

15 16.15 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Enterprise CAs  Take advantage of Active Directory  Provide automatic enrollment feature  Stand-alone CAs  Do not take advantage of the Active Directory  Provide manual enrollment  Can be installed on a stand-alone server Understanding the Core Components of a Public Key Infrastructure (PKI) (6) (Skill 2)

16 16.16 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Root CA  Signs its own certificate during the installation process  Considered the point of trust for a PKI hierarchy  Designed to issue certificates only to other CAs, known as Subordinate CAs  Subordinate CAs  Issue certificates to users, computers, and services Understanding the Core Components of a Public Key Infrastructure (PKI) (7) (Skill 2)

17 16.17 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Stand-alone Root CAs  Top-level CAs in a CA hierarchy  May or may not be a member of a domain  Can be disconnected from the network to provide a higher level of security for the PKI  Issue certificates to Subordinate CAs Implementing a Stand-alone Certification Authority (Skill 3)

18 16.18 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Issuing certificates by Root CAs to Subordinate CAs  Save certificate requests to a Subordinate CA on a floppy disk  Use the Web Enrollment Support pages on the Stand- alone Root CA to submit the requests to an offline Stand-alone root CA Implementing a Stand-alone Certification Authority (2) (Skill 3)

19 16.19 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Issuing certificates by Root CAs to Subordinate CAs  Root CA has to approve the certificate  The new certificate can be downloaded to the floppy disk and installed on the Subordinate CA  Subordinate CAs are then configured to issue certificates to users, computers, and services Implementing a Stand-alone Certification Authority (3) (Skill 3)

20 16.20 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Issuing certificates by Stand-alone Subordinate CAs to others  Users can only request certificates through the Web Enrollment Support pages  Users must enter more information to identify themselves as compared to an Enterprise CA Implementing a Stand-alone Certification Authority (4) (Skill 3)

21 16.21 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Issuing certificates by Stand-alone Subordinate CAs to others  The certificate is issued to the user after the Administrator for the CA has reviewed them  The user must then access the CA through the Microsoft Certificate Services Web site to install the certificate on the local computer Implementing a Stand-alone Certification Authority (5) (Skill 3)

22 16.22 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-3 Installing Certificate Services (Skill 3)

23 16.23 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-4 A Microsoft Certificate Services warning message box (Skill 3)

24 16.24 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-5 Configuring a Stand-alone Root CA (Skill 3)

25 16.25 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-6 Certificate Database Settings (Skill 3)

26 16.26 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-7 The Certification Authority console (Skill 3)

27 16.27 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Once you have a Public Key Infrastructure in place, you can start to issue certificates  On a Stand-alone Root CA, you must request a certificate by using the Microsoft Certificate Services Web Enrollment Support pages located at:  http://servername/certsrv  servername is the computer name for the server that is hosting Certificate Services Using Web Enrollment Services (Skill 4)

28 16.28 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Web Enrollment Support pages  Used to request certificates  Used to check the status of a recently submitted request  Used to retrieve the CA’s certificate to place in your trusted root store  The certificate store is where you store certificates locally on the computer from which they were requested Using Web Enrollment Services (2) (Skill 4)

29 16.29 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-8 The Certificate Services Enrollment Web Page (Skill 4)

30 16.30 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-9 Entering Identifying Information to Request a Certificate (Skill 4)

31 16.31 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-10 Certificate Pending Status (Skill 4)

32 16.32 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-11 The Pending Certificate in the Certification Authority console (Skill 4)

33 16.33 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-12 The Issued Certificate (Skill 4)

34 16.34 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-13 Installing the Certificate (Skill 4)

35 16.35 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  A CA uses its private key to digitally sign the certificate, which includes a public key  The digital signature binds the value of the public key to a user, computer, or service, which holds the corresponding private key  Certificates are based on the X.509 certificate standard, which specifies the format and information contained within the certificate itself Viewing Certificates (Skill 5)

36 16.36 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Certificate information  Contains the public key  Provides information about the person or entity to whom the certificate was issued  Provides information about the certificate and the CA that issued it Viewing Certificates (2) (Skill 5)

37 16.37 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Each certificate is broken down into three tabs  General tab  Details tab  Certification Path tab Viewing Certificates (3) (Skill 5)

38 16.38 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  General tab  Shows who the certificate was issued to  Shows what CA issued it  Identifies the period of time the certificate is valid Viewing Certificates (4) (Skill 5)

39 16.39 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Details tab  Provides the version of the certificate  Provides its serial number  Provides the algorithm used to create the certificate  Provides information about the CA that issued the certificate  Identifies the validity period Viewing Certificates (5) (Skill 5)

40 16.40 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Details tab  Under the subject field  Identifies to whom the certificate is issued  Specifies the type and length of the public key associated with the certificate  Enhanced key usage  Indicates what the certificate can be used for  Examples include client authentication, Encrypting File System, secure e-mail Viewing Certificates (6) (Skill 5)

41 16.41 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Certification Path tab  Displays the path to the certificate from the trusted root  Provides the status of the certificate by indicating whether the certificate is OK or has been damaged Viewing Certificates (7) (Skill 5)

42 16.42 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-14 Choosing the account the Certificates snap-in will manage (Skill 5)

43 16.43 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-15 The Certificates snap-in (Skill 5)

44 16.44 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-16 Certificate – General Tab (Skill 5)

45 16.45 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-17 Certificate – Details Tab (Skill 5)

46 16.46 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-18 Certificate – Certification Path Tab (Skill 5)

47 16.47 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Enterprise CAs  Self-sign their own digital certificates  Active Directory must be implemented on the network in order to create an Enterprise CA  Enterprise CAs take advantage of Active Directory features  Smart card authentication  Predefined certificate templates  Automatic identification of the requester Implementing an Enterprise CA (Skill 6)

48 16.48 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Enterprise CAs  Use Group Policy to enter their certificates in the trusted root certificate store for all users/computers in the domain  To accomplish this on a Stand-alone CA, you would have to access the Web Enrollment Support pages to install the CA certificate chain manually Implementing an Enterprise CA (2) (Skill 6)

49 16.49 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-19 Configuring an Enterprise Root CA (Skill 6)

50 16.50 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-20 CA Identifying Information CA (Skill 6)

51 16.51 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-21 Stopping Internet Information Services (Skill 6)

52 16.52 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-22 Confirming that Certificate Services is Running (Skill 6)

53 16.53 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Windows Server 2003 and Windows XP Professional support the automatic enrollment of computer and user accounts  To enable automatic enrollment  Create a certificate template for your user accounts  Give the appropriate accounts permission to use the template Using Automatic Enrollment to Enroll User Certificates (Skill 7)

54 16.54 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  To enable automatic enrollment  Configure the Enterprise CA to issue the appropriate certificates based on the template  Configure Group Policy to enable automatic enrollment  After all of these settings have been configured, each user account will automatically retrieve a user certificate the next time Group Policy refreshes Using Automatic Enrollment to Enroll User Certificates (2) (Skill 7)

55 16.55 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-23 The User template in the Certificate Templates snap-in (Skill 7)

56 16.56 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-24 The Properties dialog box for the new template-General tab (Skill 7)

57 16.57 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-25 The Request Handling tab (Skill 7)

58 16.58 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-26 The Subject Name tab (Skill 7)

59 16.59 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-27 Assigning Auto-enrollment permissions (Skill 7)

60 16.60 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-28 The Enable Certificate Templates dialog box (Skill 7)

61 16.61 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-29 The Autoenrollment Settings Public Key Policy (Skill 7)

62 16.62 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-30 The Autoenrollment Settings Properties dialog box (Skill 7)

63 16.63 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  Group Policy can be configured to automatically enroll computer certificates  Computer certificate auto-enrollment is available for  Windows 2000  Windows Server 2003  Windows XP Professional Using Automatic Enrollment to Enroll Computer Certificates (Skill 8)

64 16.64 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure  You do not need to create a new template to perform auto-enrollment for computer accounts  Just enable auto-enrollment in the Group Policy Object Editor for the appropriate GPO Using Automatic Enrollment to Enroll Computer Certificates (2) (Skill 8)

65 16.65 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-31 Computer Configuration Public Key Policies (Skill 8)

66 16.66 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure Lesson 16: Applying Certificate Services in an Active Directory Infrastructure Figure 16-32 Setting computer autoenrollment properties (Skill 8)

Download ppt "16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure."

Similar presentations

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Deploying and Managing Active Directory Certificate Services

Deploying and Managing Active Directory Certificate Services
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
1.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.

1.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.
15.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.

15.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.
Chapter 9 Deploying IIS and Active Directory Certificate Services

Chapter 9 Deploying IIS and Active Directory Certificate Services
70-284 MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.
Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Chapter 11: Active Directory Certificate Services

Chapter 11: Active Directory Certificate Services
7.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

7.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
14.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

14.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
9.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 9: Installing and Configuring.

9.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 9: Installing and Configuring.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Similar presentations

Ads by Google