Certificate problem/hell, help!

Discussion in 'Computer Security' started by demarrer, Jan 26, 2010.

  1. demarrer

    demarrer Byte Poster

    165
    5
    25
    This issue has been bugging me for a while. Google and other web searches cant find the answer.
    can any on help? The problem is:

    I install a personal certificate via a AD certificate service website to a client. All is working fine for the client ie it can use the cert to connect to the VPN. However as soon as the client changes the domain password, the certificate just does NOT work with the VPN and the users cant connect.

    ..with a password policy that requires users to change every so many days, renewing certificates has become my lifes work!

    any ideas, MOST welcome.
    :cry:
     
    Certifications: A+, Security +, CCNA, CCSA
    WIP: music, (dreaming of) CCIE Security :D
  2. EZE Training Instr

    EZE Training Instr Bit Poster

    38
    5
    0
    Hi

    Is the certificate a "Computer" certificate or a user certificate. Use the MMC to open the computer account and enrol a certfificate from the personal store.

    Regards

    Gareth Jones
    Chief Instructor
     
    Certifications: MCT, MCITP, MCTS, VCI, VCP, CCNA, CCNP
  3. craigie

    craigie Terabyte Poster

    3,020
    174
    155
    Your best bet is to use Autoenrolment for specific types of users which will overcome this.

    You will need to have a Certificate Authority and have your Mobile Users in a specific group.

    If you follow this guide, it will able to takl you through how to do it http://technet.microsoft.com/en-us/library/cc778954(WS.10).aspx
     
    Certifications: CCA | CCENT | CCNA | CCNA:S | HP APC | HP ASE | ITILv3 | MCP | MCDST | MCITP: EA | MCTS:Vista | MCTS:Exch '07 | MCSA 2003 | MCSA:M 2003 | MCSA 2008 | MCSE | VCP5-DT | VCP4-DCV | VCP5-DCV | VCAP5-DCA | VCAP5-DCD | VMTSP | VTSP 4 | VTSP 5

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.