none
FIM CM Certificate Template Attributes RRS feed

  • Question

  • Hi,

    When FIM CM requests a certificate from ADCS, there are a number of attributes that FIM CM passes (can pass) to ADCS for inclusion in the certificate. Are these attributes set in stone, or can we add additional attributes for inclusion in the user smart card certificate?

    Thanks,

    SK


    • Edited by Shim Kwan Tuesday, September 9, 2014 2:42 AM
    Tuesday, September 9, 2014 2:41 AM

All replies

  • On Tue, 9 Sep 2014 02:41:55 +0000, Shim Kwan wrote:

    When FIM CM requests a certificate from ADCS, there are a number of attributes that FIM CM passes (can pass) to ADCS for inclusion in the certificate. Are these attributes set in stone, or can we add additional attributes for inclusion in the user smart card certificate?

    You're going to need to be a little more specific here.

    What attributes are you referring to and where in FIM CM are you specifying
    them?


    Paul Adare - FIM CM MVP
    Top-posting is the computer equivalent of mailing a letter glued
    to the outside of an envelope, with a stamp attached via paper clip.
    -- Xcott Craver

    Tuesday, September 9, 2014 9:34 AM
  • When FIM CM talks to AD CS, it passes along some attributes for inclusion in the User/Smart Card Certificate.

    Are these predetermined attributes? Or can FIM CM be configured to pass any AD user attribute to AD CS?

    Thursday, September 18, 2014 7:26 AM
  • On Thu, 18 Sep 2014 07:26:48 +0000, Shim Kwan wrote:

    When FIM CM talks to AD CS, it passes along some attributes for inclusion in the User/Smart Card Certificate.

    Are these predetermined attributes? Or can FIM CM be configured to pass any AD user attribute to AD CS?

    You're still going to have to more specific here. I can't give you a
    blanket yes or no to this question. Are you talking about building the
    subject and/or subject name? What attributes specifically are you wanting
    to include in the certificate and where in the certificate do you want them
    to appear?


    Paul Adare - FIM CM MVP
    Documentation is the castor oil of programming. Managers know it must
    be good because the programmers hate it so much.

    Thursday, September 18, 2014 8:14 AM
  • So the FIM CM Policy Module running on the CA, when it write to the 'Subject' field in the certificate - this appears to be limited to a pre-set number of attributes, and we cannot pass a custom attribute to it. We are however still running FIM CM (RTM) with a few hotfixes, and not the one that shipped with FIM 2010 R2. Just wondering if this was resolved, or is it still limited to the same set of pre-set attributes? 
    Tuesday, September 23, 2014 7:53 AM