Active Directory Archives - RickyGao Pty Ltd
137
archive,category,category-ad,category-137,ajax_fade,page_not_loaded,,qode_grid_1300,footer_responsive_adv,qode-child-theme-ver-1.0.0,qode-theme-ver-11.1,qode-theme-bridge,wpb-js-composer js-comp-ver-5.1.1,vc_responsive

Active Directory

Last time, I had revoked the previews sub ordinated enterprise CA due to DC migration in my lab But after a few days, I noticed some errors shown up in pkiview.msc as below ...

For some reason, I was using my Hyper-V host server as my domain controller and certificate authority. I realized that this is not a good idea for long term lab planning purpose One of the reason behind that is...

By enabling auto enrollment for user and computer certificate, our life become much easier. However, the certificates generated from "Computer Certificate" template is not on the purpose of website (IIS), but only for computer talking to each other. So how about If I want...

Last time I talked about the differences between Active Directory synchronization (DirSync) and SSO (ADFS)So let's start to set DirSync upLogin into your Office 365 portal, and let's follow Microsoft's steps to setup Active Directory synchronization1. Prepare for directory synchronizationCheck prerequisites, including computer requirements and...

From the Microsoft PKI hierarchy best practise, we all know that a good PKI hierarchy design should include an Offline Root CA and multi-tiers of online enterprise subordinate CA. Actually two tiers or three tiers, single server or multi-servers are pretty much the same configuration,...

Sometimes it's really painful when IT administrator trying to ask a user to apply his/her computer certificate or user certificate. With the help of group policy, we can automatically enroll the user and computer certificate when the computer is boot up or the user is...

Different PKI certificate formats are always confusing people, and the definition from X.509 is really boring and hard to understand. I've add some of my comments to each of the certificate format, hopefully can help IT PROs better understanding of them 各种数字证书格式文件总是能让人头疼,即便你去看X.509对于各种证书文件格式的定义,会把你搞得更混乱。所以我这里将各种数字证书格式文件罗列下来,其中包含一些我的个人理解和注释,希望对迷惑的朋友们有些帮助 File TypeDefinitionCommentPublic KeyPrivate Key通俗解释CSRCertificate Signing...