And if that is not enough...
http://blogs.dirteam.com/blogs/jorge...structure.aspx
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test ANY suggestion in a test environment before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Jorge de Almeida Pinto [MVP - DS]"
<SubstituteThisWithMyFullNameSeparatedByDots@gmail .com> wrote in message
news:...
> For LDAPS you need a certificate, one provided by your own CA or by a
> third-party CA. Preferably, a CA is NOT installed on a DC. Just because
> you need a cert, it does not mean you just need to install an enterprise CA.
> What I mean is that you need to make a design for the PKI infrastructure.
> Just starting to install stuff without thinking is definitely a very
> bad practice, and in the end you might even regret it.
>
> How to design a PKI infrastructure?
>
> To get an impression, start reading:
> http://www.windowsecurity.com/articl...ide-Part1.html
>
> "Andrew Hodgson" <> wrote in message
> news: ews.com...
>> Hi,
>>
>> I have an external app which requires LDAP integration with our
>> domain. I want to use LDAPS for this. Is it correct that to do this
>> I need to install an enterprise CA on the domain? If so, does this
>> need to be a separate server, or can it be on the domain controller?
>>
>> Our domain is 2008 native upgraded from Windows 2000 native.
>>
>> Thanks.
>> Andrew.
>