Archive for July, 2009
Some while ago my colleague Pieter de Bruin and myself wrote an article about authentication and authorization with ADAM and ASP.NET.
Last a co-worker requested this info so It maybe still useful for others to post it here.
Last time I came across a strange limitation in Windows 2008 Server Standard Edition. We were busy building a new OCS (Office Communication Server) infrastructure and we found a running CA (Certificate Authority) which we wanted to utilize for the internal TLS certificates.
However we didn’t succeed in using the required Certificate templates for OCS.
After some investigation it seems that Windows 2008 Server Standard Edition supports only V1 Certificate Templates.
I grabbed my PKI book from Brian Komar (he is the best PKI resource I know) his book can be found here.
And my suspicion was confirmed:
“An enterprise CA running on standard edition of windows 2003 or windows 2008 can issue certificates based only on version1 cert templates. This is a common problem encountered by companies because they do not realize that the Standard editions cannot issue version 2 or 3 cert templates.
The only way to issue version 2 or version 3 cert templates is to perform an upgrade in place to the Enterprise edition of the Operating system”
Of course this is not the case with the Enterprise edition of Windows Server 2008.
So be aware, if you plan a PKI infrastructure ask your customer to look ahead in the future and justify the investment of one Enterprise Edition of Windows server
Microsoft is about to release System Center Operations Manager (SCOM) R2.
R2 will have of course new features such as a Visio integration, but the element i am very curious about is the integration with Microsoft System Center Virtual Machine Manager R2.
I will try to post regularly on this subject as i will implement this in my Hyper-V environment.