Hi Jerry,
Q: Does a CA have to be a DC for auto enrollment to work if you are using 2008 CA services with NAP for wireless deployment, or can you use a member server?
A: No. It can be a member server.
Q: Do you have to update the 2003 schema to run 2008 CA services?
A: No.
Q: How can I use PKI and wireless authentication for Windows CE handhelds, since they do not join the domain?
A: I am not very familiar with Windows CE. Please refer to http://msdn.microsoft.com/en-us/library/ms926458.aspx.
Q: Machine-based cert only using web enrollment?
A: Please rephrase the question. I am not sure I understand what you are asking.
Please have a look at the NAP IPsec step-by-step guide. This uses a 2003 DC with CA on a member server and also employs autoenrollment for exemption certificates. I think this answers most of your questions above.
Thanks,
-Greg