Permissions for CertUtil and CRL publishing
I've got a CA set up as a cluster. One of the issues I'm coming across is that if there is a failover the CRL may not be updated on the new node. I've created a POSH script to update the CRL during failover; however, I can't seem to get it to execute properly. It works fine under my user account but not via POSH and the SYSTEM account.
Anyone know what permissions I need to set up to get Clustering to be able to update a CRL?
David Jenkins
September 17th, 2012 3:52pm
I understand about the permissions. I'm thinking about elevated privileges.
I'm attempting to use the SYSTEM account which would already have access I think.
Right now my choices are to use a Scheduled Task which can elevate privileges or maybe set up a service.
David Jenkins
September 18th, 2012 9:23am
I was hoping to make the failover smarter by adding a script that would force the CRL to update after a failover. Without being able to elevate it won't work. :(
David Jenkins
September 18th, 2012 11:56am
That's a nice answer if you have plenty of servers to dish out a web cluster on top of the CA cluster.
In my case this isn't going to happen.
David Jenkins
September 18th, 2012 2:50pm
so long....
I tried to answer your question, you refused every answer, because you wanted to use your poorly designed system.
Tried to help, you rejected it.
Buh bye, only the second person that I have marked as never answer...
So long
September 18th, 2012 4:48pm
Maybe if you didn't attempt to insult people first.
Really you're the first person I've ever called a Jerk on this forum.
Jerk!
David Jenkins
September 18th, 2012 4:49pm
Last reply...
I gave you answers throughout.
You refused to follow them
Your design has issues (see revocation checking best practices)
Sorry
September 18th, 2012 4:56pm
Maybe if you didn't attempt to insult people first.
Really you're the first person I've ever called a Jerk on this forum.
Jerk!
David Jenkins
Brian, your solution works fine, I have already implemented it a while ago.
David, I think you would benefit from paying attention to his answer as he is fully aligned with best practices. Maybe he is not saying exactly what you would have expected to hear but his answer is the best fit for your challenge. On the other hand, I do not see an insult in his terms because he is qualifying it as a poor design. I have grown from comments from people on things that I was not doing well. If I had rejected any criticism, I would have stayed where I was.
Now it is up to you if you want to solve your issue.
October 17th, 2012 4:42pm


