Active Directory Certificate Services Cross-Forest Enrollment

Download 312 Kb. Page 1/15 Date 04.02.2024 Size 312 Kb. #63423

Navigate this page:

• Copyright Information

Cross-forest Certificate Enrollment with Windows Server 2008 R2 Microsoft Corporation Published: August 31, 2010 Abstract Windows Server® 2008 R2 allows enterprises to issue digital certificates from an enterprise Certification Authority (CA) to the clients that are members of a different Active Directory Domain Services (AD DS) forest. This process is called cross-forest certificate enrollment. This white paper will explain how the cross-forest certificate enrollment works. It will also provide deployment guidance for new and existing Active Directory Certificate Services (AD CS) deployments. The paper will cover strategies for consolidating existing certificate templates that may be already in use in the enterprise. It will present choices for ongoing management of the cross-forest certificates deployment. A PowerShell script is also provided to facilitate management tasks related to setting up and maintaining cross-forest certificate enrollment environment. Copyright Information This document is provided for informational purposes only and Microsoft makes no warranties, either express or implied, in this document. Information in this document, including URL and other Internet Web site references, is subject to change without notice. The entire risk of the use or the results from the use of this document remains with the user. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. © 2008 Microsoft Corporation. All rights reserved. Active Directory, Microsoft, and Windows Server are trademarks of the Microsoft group of companies. All other trademarks are property of their respective owners. Download 312 Kb. Share with your friends: