Click here to get back home

Ceritifcate Services Autoenrollment Subject Name Format
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Ceritifcate Services Autoenrollment Subject Name Format Ragnar 04-23-2006
Posted by Ragnar on April 23, 2006, 4:33 pm
Please log in for more thread options
 Hi

Does anyone know if it's possible to change how the subject name format is
for a certificate template - beyond the options you have by default
(provided by Microsoft) using autoenrollment?

E.g. the only option you have for subject name format (autoenrollment) is
distinguished name, common name and none. What if I would like to use lets
say "CN=User1,O=Company,C=COM" instead of
"CN=User1,CN=Users,DC=Domain,DC=com"?

Running Active Directory Windows Server 2003 SP1 native mode, enterprise ca.


/Ragnar



Posted by chriss3 [MVP] on April 23, 2006, 5:12 pm
Please log in for more thread options
 No, Since AD doesn't support other top level names than the domain component
and you can only have one distinguished name.

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services


No email replies please - reply in the newsgroup
------------------------------------------------
http://www.chrisse.se - Active Directory Resources

> Hi
>
> Does anyone know if it's possible to change how the subject name format is
> for a certificate template - beyond the options you have by default
> (provided by Microsoft) using autoenrollment?
>
> E.g. the only option you have for subject name format (autoenrollment) is
> distinguished name, common name and none. What if I would like to use lets
> say "CN=User1,O=Company,C=COM" instead of
> "CN=User1,CN=Users,DC=Domain,DC=com"?
>
> Running Active Directory Windows Server 2003 SP1 native mode, enterprise
> ca.
>
>
> /Ragnar
>
>



Posted by Ragnar on April 26, 2006, 7:27 am
Please log in for more thread options
Too bad, quite an limitation if you want to autoenroll certificates to be
used against another system that expect a different format...

Thanks for your reply!




> No, Since AD doesn't support other top level names than the domain
> component and you can only have one distinguished name.
>
> --
> Regards
> Christoffer Andersson
> Microsoft MVP - Directory Services
>
>
> No email replies please - reply in the newsgroup
> ------------------------------------------------
> http://www.chrisse.se - Active Directory Resources
>
>> Hi
>>
>> Does anyone know if it's possible to change how the subject name format
>> is for a certificate template - beyond the options you have by default
>> (provided by Microsoft) using autoenrollment?
>>
>> E.g. the only option you have for subject name format (autoenrollment) is
>> distinguished name, common name and none. What if I would like to use
>> lets say "CN=User1,O=Company,C=COM" instead of
>> "CN=User1,CN=Users,DC=Domain,DC=com"?
>>
>> Running Active Directory Windows Server 2003 SP1 native mode, enterprise
>> ca.
>>
>>
>> /Ragnar
>>
>>
>
>



Similar ThreadsPosted
CA certificate template custom subject name format January 9, 2007, 1:49 pm
CA certificate template custom subject name format January 16, 2007, 12:11 am
change ca certifiactes' subject name September 21, 2005, 12:36 pm
How to add a subject alternative name to a request? October 2, 2008, 9:59 am
Help with AutoEnrollment Error 15 March 22, 2007, 10:21 am
Autoenrollment Fails September 16, 2007, 3:48 pm
Win2003 PKI : certreq.exe using 'special' subject fields October 2, 2007, 10:22 am
Autoenrollment error number 6 October 4, 2005, 10:39 am
Certificate autoenrollment and AD publishing July 24, 2008, 9:15 am
Multiple CAs: Selection mechanism for autoenrollment? June 16, 2005, 1:14 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap