Windows 11 setting up CES and CEP PKI in a trusted forest scenario

  • Thread starter Thread starter NickSTL77
  • Start date Start date
N

NickSTL77

I have two domains with a two-way forest trust. I want computer accounts in DomainB to enroll for computer client auth certificates from the two-tier Windows CA in DomainA. I configured a certificate cert template in the issuing CA for this and gave Read and Enroll rights to the computer in DomainB.I configured the issuing CA in DomainA for the Certificate Enrollment Policy Web Service and Certificate Enrollment Web Service according to the Microsoft documentation. CEP and CES are using Kerberos authentication using a domain service account with an SPN and configured for Kerberos delegati

Continue reading...
 
You must log in or register to reply here.

Similar threads

L
Windows 10 Need help with Certificate Authority and cannot Submit a Certificate Request, bad Pki entries in my domain??
Replies
0
Views
62
LeeJohnson7
L
D
PKI - Manual Enroll - Auto Renewal - Possible?
Replies
4
Views
383
DJH
D
S
Certificate Services - Web Enrollment Error
Replies
0
Views
382
Sektor
S
N
Web Slice and Feed Authentication – Developer Guidelines
Replies
0
Views
202
NewsBot
N
Back
Top