Windows Server 2008 R2 Certificate Authority Benefits (backup user certs)

-

i looking migrating ca 2003 2008 r2 , wondering if has found white papers on difference between two.  i've seen lot of articles on migrating 2008 r2 seem pretty straight forward.  one of main concerns , reasons switch users not backup users cert , key.  does 2008 r2 provide auto backup of each users individual cert , private key?  or still have done on each individual users pc?  can export , users certificate , key 2008 r2?  i know can't 2003 ca.  any great, thanks!

hi,

based on research, don’t have backup certificates , keys on client machines during migration process, , don’t think windows server 2008 r2 provides automatic backup each user’s individual certificate , private key.

what need manually backing ca database, private key, registry settings , policy.inf information on ca server.

actually, user certificates reside in:

documents , settings\< username>\applicationdata\microsoft\systemcertificates\my\certificates

for each user profile. roaming profiles, user's certificates located on domain controller certificates follow users when log on different computers in domain.

in regard third question, answer we can export certificate private key windows server 2008r2, , users or local administrators minimum group membership required complete procedure.

here related links below useful you:

active directory certificate services migration guide

http://technet.microsoft.com/en-us/library/ee126170(v=ws.10).aspx

how certificates stored

http://technet.microsoft.com/en-us/library/cc962104.aspx

certificates tools , settings

http://technet.microsoft.com/en-us/library/cc787544(v=ws.10).aspx

export certificate private key

http://technet.microsoft.com/en-us/library/cc754329.aspx

please feel free let me know if didn’t understand correctly.

best regards,

amy wang





Windows Server  >  Security



Comments

Post a Comment

Popular posts from this blog

Group Policy Event ID 1058 Error Code 1326 (The user name or password is incorrect)

-
i seeing odd error on 1 of our domain controllers. have dealt event id 1058 errors whereby policy (or policies) not replicating, receiving error along error code 1326 on server, , apparently happening default domain policy: log name:      system source:        microsoft-windows-grouppolicy date:          8/10/2015 3:09:54 pm event id:      1058 task category: none level:         error keywords:      user:          s-1-5-21-1484152634-2550175353-3916092219-3287 computer:      <dc name>.<domainname> description: processing of group policy failed. windows attempted read file http://schemas.microsoft.com/win/2004/08/events/event ">   <system>     <provi...
Read more

Suspicious event log Event ID: 4905

-
hi thr, could please me understand causing such event logs generate ? as  i understand, vssvc.exe pertains volume shadow copy used backup purpose.  we have third party application used taking backup of servers. the event longs generated following messages: 1) attempt made unregister security event source. 2) attempt made register security event source. these events not regular generated on random days. standard fields: date:               2013/10/19 time:               02:32:19 importance:         critical rule name:          security event monitored machine:  <domain controller> log format:         windows log name:           security event id:           4905 in work hours:      yes dynamic fields: internal timestamp: 2013/10/19 ...
Read more

DCOM received error "2147746132" from...

-
hi everybody, i have dc (my windows essentials 2012 server) , windows 2012 server in network.  the windows server 2012 inside domain. on server, got "non stopping" error says in event logs : ===> dcom received error "2147746132" fromd computer xxxx(my dc computer) while server trying activation : {6df8cb71-153b-4c66-8fc4-e59301b8011b} it never stops, got 11000+ new events :s i found : http://support.microsoft.com/kb/971153/fr i'm not sure should ? does got idea ? matthieu. hi, please try solution mentioned in below link: http://www.eventid.net/display-eventid-10006-source-dcom-eventno-272-phase-1.htm regards, cicely Windows Server  >  Windows Server 2012 General ...
Read more