WS2008 Certificates Enrollment on behalf of user on e-token through the mmc snap-in with administrator approvement
Hi, got a question.
Can't find any how-to guide:
i have to enroll certificate on behalf of user on the e-token with approvement of administrator.
i find, that it have been mooved from web-enrollment to the mmc snap-in.
But where can i find step-by-step guide how Enrollment Agent can enroll certificate on behalf of user?
when enrollment agent enroll certificate (personal - advanced - enroll certificate behalf on) it appears in pending.
and how to install it when administrator issues it? in this case (on behalf of user) no certificates appears in Enrollment Agent's container "Certificates Enrollment requests" in "Certificates - current user"..
advice me some links on MS
Thanks..
May 2nd, 2010 9:20pm
The following article describes how to perform EOBO in Windows Vista and higher:
http://technet.microsoft.com/en-us/library/cc770802.aspx
also I have posted a little guide about V2 certificate template configuration:
http://www.sysadmins.lv/PermaLink,guid,7c130407-4d6a-40a1-8090-8dae07e26353.aspx
(the blog post in russian, so you may have to use any online translator).
About second question. Certificate request don't appear in Certificate Enrollment Requests container because certificate request and correspoonding private key is stored on the smart card. So you will need to manually install CA response (issued certificate)
directly to the token.http://www.sysadmins.lv
Free Windows Admin Tool Kit Click here and download it now
May 2nd, 2010 9:44pm
Thanks for the link's, but i have read it some days ealier.
I'm needed the guide, where I can find step-by-step instruction how to manually install certificate directly to the token.
Thanks.
May 4th, 2010 2:09pm