I need to add automatically an Active Directory attribute (i.e. organization) to the Subject Name Build from AD DS options in a template, or in a Alternative Name. It is a unique ID per user, which I can try to put in the AD, but I don't know how to pass it in a certificate template to include it into Subject Name, for applications to athenticate it. The DN I get from AD is ever based on CN=,OU=,DC= . There are two possible ways ??? change AD in order to provide a DN with the fields we want CN=,Title=,OU=,DC=, imagining i put in the field Title my unique ID change a template i order to allow authomatic importing from Active Directory of other attributes like in this example Title Any clue will be welcome

Hi, The X.500 directory uses distinguished names as the primary keys to entries in the directory. Distinguished Names are encoded in ASN.1 in the X.500 Directory protocols. In the Lightweight Directory Access Protocol, a string representation of distinguished names is transferred. This specification defines the string format for representing names, which is designed to give a clean representation of commonly used distinguished names, while being able to represent any distinguished name. String X.500 AttributeType ------------------------------ CN commonName L localityName ST stateOrProvinceName O organizationName OU organizationalUnitName C countryName STREET streetAddress DC domainComponent UID userid Default Active Directory Naming Attributes Object Class Naming Attribute Display Name Naming Attribute LDAP Name user Common-Name cn organizationalUnit Organizational-Unit-Name ou domain Domain-Component dc change AD in order to provide a DN with the fields we want CN=,Title=,OU=,DC=, imagining i put in the field Title my unique ID >> It is impossible. Hope this helps! Best Regards Elytis ChengElytis Cheng TechNet Community Support

And deliver a certificate template, which automatically add an specific attribute to the subject of the certificate???JOSELITO

Hi, We can find the Subject type with this link: Default templates in Windows Server 2008 http://technet.microsoft.com/en-us/library/cc730826(v=WS.10).aspx Hope this helps! Best Regards Elytis ChengElytis Cheng TechNet Community Support

I'm not sure I understand your question. do you want to add the value of an attribute in AD als part of the DN of the subject Like, CN=Name+some value from AD,OU=... Or do you want to add a attribute as part of the DN like CN=name,Attribute=Attribulevalue,,OU=.. The last one is not possible because it is not a vaild x500 format. Maybe you can write or purcahes a custom policy module for this? cf. http://msdn.microsoft.com/en-us/library/windows/desktop/aa387348(v=vs.85).aspx Good question anyway,