W
wes
Set up a win2003 RRAS server to do l2tp/ipsec vpn with
the newly updated win2k/xp nat-T aware client.
everything works great, I'm using one of my DCs as an
enterprise CA to deploy the certs.
the only problem is, the instructions have me use certsrv
to deploy the certs to each client machine, and it issues
them to the domain admin account "administrator" that i
use to generate the certs. so when i go to the CA and
look up the issued certs, they all say "administrator"
and there is no easy way for me to distinguish which cert
maps to which machine. this will make it difficult to
quickly revoke a cert for a lost or stolen machine.
anyone know how i can somehow generate the certs in a way
that will make it easy to tell which machine they are
issued to?
thanks much,
Wes
the newly updated win2k/xp nat-T aware client.
everything works great, I'm using one of my DCs as an
enterprise CA to deploy the certs.
the only problem is, the instructions have me use certsrv
to deploy the certs to each client machine, and it issues
them to the domain admin account "administrator" that i
use to generate the certs. so when i go to the CA and
look up the issued certs, they all say "administrator"
and there is no easy way for me to distinguish which cert
maps to which machine. this will make it difficult to
quickly revoke a cert for a lost or stolen machine.
anyone know how i can somehow generate the certs in a way
that will make it easy to tell which machine they are
issued to?
thanks much,
Wes