Click here to get back home

Implementing PKI infrastructure in multiple forrests
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Implementing PKI infrastructure in multiple forrests Kenneth Bess 01-14-2008
Posted by Kenneth Bess on January 14, 2008, 2:47 pm
Please log in for more thread options
 Hi,

Does anyone know if it's possible to implement a PKI infrastructure in
multiple forrests, where only one way trusts is configured.

Scenario:
PKI implemented in forrest A, domain A - certificates needs to be en-rooled
on clients in forrest B, domain B.
forrest trust created between forrest A and B.

I hope that someone is able to help me.

Thanks,
Kenneth


Posted by Brian Komar on January 14, 2008, 5:36 pm
Please log in for more thread options
 You need to deploy separate enteprise CAs in each forest. An enterprise CA
cannot issue certificates to clients that are not in the same forest.
So you could deploy a common root CA with two subordinate enterprise CAs
(one in domainA and one in DomainB). They share a common root CA, so
certificates are trusted between the two forests.
Brian

> Hi,
>
> Does anyone know if it's possible to implement a PKI infrastructure in
> multiple forrests, where only one way trusts is configured.
>
> Scenario:
> PKI implemented in forrest A, domain A - certificates needs to be
> en-rooled on clients in forrest B, domain B.
> forrest trust created between forrest A and B.
>
> I hope that someone is able to help me.
>
> Thanks,
> Kenneth


Similar ThreadsPosted
Firewall setting for multiple FTP sites using multiple ports September 12, 2006, 12:35 pm
Implementing 802.1X in a LAN enviorment January 31, 2006, 4:44 am
GPO not implementing rename of Administrator Account April 27, 2006, 5:19 am
what to use for internal update infrastructure? July 18, 2006, 4:06 pm
Infrastructure Master Role October 22, 2006, 6:37 am
TechNet Webcast: grow your IT org into a dynamic infrastructure September 12, 2006, 2:06 pm
Secure and Well-Managed Infrastructure Webcast Series - Next Week October 5, 2005, 3:55 pm
Microsoft Executive Circle Webcast: Security360 with Mike Nash: Building a Secure, Connected Infrastructure with Digital Certificates April 18, 2006, 7:25 am
Multiple Password Policies? June 22, 2005, 12:15 pm
Can I have multiple password policies? March 19, 2007, 1:17 am

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap