none
Certificate recovery RRS feed

  • Question

  • Hi,

    I have just completed a setup of fim cm 2010 in my lab. Most thing are working as I want them to, but I'm not able to do recovery on behalf of a user from the portal. I would expect to see a link under the certificate profile that says "Recover this profile" just like "Renew this profile", "Revoke this profile" and "Duplicate this profile". However i'm not seeing that.

    I'm able to duplicate the profile, but that clutters the profile and I would prefer to just have the primary profile and then recover the certificates whenever a user loses the certificates (for whatever reason).

    The "Recover On Behalf Policy" is enabled for the template that I have used to issue the certificate with and i'm part of a group that has been granted access to this policy.

    So I guess that my question is if there should be a "Recover this profile" and what should I in that case use the "Duplicate this profile" for?

    Thanks :-)

    Friday, September 14, 2012 2:14 PM

All replies

  • On Fri, 14 Sep 2012 14:14:18 +0000, FIM-CM wrote:

    Hi,

    I have just completed a setup of fim cm 2010 in my lab. Most thing are working as I want them to, but I'm not able to do recovery on behalf of a user from the portal. I would expect to see a link under the certificate profile that says "Recover this profile" just like "Renew this profile", "Revoke this profile" and "Duplicate this profile". However i'm not seeing that.

    I'm able to duplicate the profile, but that clutters the profile and I would prefer to just have the primary profile and then recover the certificates whenever a user loses the certificates (for whatever reason).

    The "Recover On Behalf Policy" is enabled for the template that I have used to issue the certificate with and i'm part of a group that has been granted access to this policy.


    So I guess that my question is if there should be a "Recover this profile" and what should I in that case use the "Duplicate this profile" for?

    What type of certificate template(s) are being used in this profile
    template? Are they configured for key archival?


    Paul Adare
    MVP - Forefront Identity Manager
    http://www.identit.ca
    The computer is mightier than the pen, the sword, and usually, the
    programmer.

    Friday, September 14, 2012 2:39 PM
  • Hi Paul,

    Thanks for you answer. I'm using a custom certificate template (based upon User) that archives the key.

    Monday, September 17, 2012 8:58 AM