Ping a Specific Port

Question

William

Asked: 2011-12-08 21:40:45 +0800 CST2011-12-08 21:40:45 +0800 CST 2011-12-08 21:40:45 +0800 CST

Certificate issed to DC on every restart

772

I have installed 2 CA onto 2 Windows 2008R2 VM, one being an offline root CA and the other is intended to be the issuing CA. However I found that a DC (a 2008R2 VM) is requesting 2 certificates, namely Domain Controller Authentication and Directory Email Replication, (they are auto issued with expiration period of one year) on every reboot. I wonder if there is normal and would like to turn this 'feature' off, any idea?

1 Answers

Voted

maweeras · Answer 1 · 2011-12-19T17:58:49+08:00

Best Answer

maweeras

2011-12-19T17:58:49+08:002011-12-19T17:58:49+08:00

Its normal for the DC to ask for a cert. It does this through autoenrollment. As long as the template is approved and the DC has the relevant permissions (read, enroll and autoenroll), it can autoenroll for a cert based on the template.

You could remove the template or edit the permissions if you dont want to issue it. Use the certificate management console as per http://technet.microsoft.com/en-us/library/cc772358.aspx to remove the template if you dont want to issue it.

1

Certificate issed to DC on every restart

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?