Skip to main content

Chris Stanley

Chris Stanley's Public Library

  • To be clear, there is absolutely no issue with installing multiple Windows root CAs in the same forest. You can deploy your new PKI and keep it from issuing certificates to your users or computers until you are good and ready for it to do so. And while you’re doing all this, the old CA will continue to chug along oblivious to the fact that it will soon be removed with extreme prejudice.

  • Warning       During the migration procedure, you are asked to turn off your existing CA (either the computer or at least the CA service). You are asked to name the destination CA with the same name that you used for the original CA. The computer name, (hostname or NetBIOS name), does not have to match that of the original CA. However, the destination CA name must match that of the source CA. Further, the destination CA name must not be identical to the destination computer name.
  • To install an enterprise CA or a standalone CA on a domain member computer, you must be a member of the Enterprise Admins group or Domain Admins group in the domain. To install a standalone CA on a server that is not a domain member, you must be a member of the local Administrators group. Removal of the CA role service from the source server has the same group membership requirements as installation.

  • If you decide to audit failure events in the account management event category, you can see if unauthorized users or attackers are trying to change account properties or group properties. Although this can be helpful for intrusion detection, the increase in resources that is required and the possibility of a denial-of-service attack usually outweigh the benefits.
  • Audit: Shut down system immediately if unable to log security audits policy setting enabled, the consequences of logging failure events in these categories can be more severe - the user could cause a denial of service if the security log is filled.
  • By auditing success events in the account logon event category, you can see when users log on to or log off from the domain.

2 more annotations...

    • Customer Benefit

      • Mobility: Work from virtually anywhere using trusted Office applications across your favorite devices--PCs, Macs, and mobile devices--and seamlessly move and work with your Office documents locally on your device or in the online environment.
      • Collaboration: Collaborate with teammates, partners, and customers with documents that are always up to date and accessible from almost anywhere.
      • Communication: Microsoft Lync serves as your communication and presence hub making it easy to see when someone is available, connect via instant message, audio or video calls and host online meetings.
      • Content Management: SharePoint Online makes it easy to set up and manage online communities, wikis and blogs, make customized forms and create and manage content and documents.
      • Exchange Online: Access e-mail and calendars on the go and keep everyone in sync with enterprise-grade e-mail and shared calendars. And, move up to 50 GB quotas; that's 50 times more quota than the current campus Exchange service!
1 - 20 of 3808 Next › Last »
20 items/page

Diigo is about better ways to research, share and collaborate on information. Learn more »

Join Diigo