Setup of Active Directory to enroll a smartcard

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I was referred to the following instructions, and they appear to be on the
right track
http://technet2.microsoft.com/Windo...216a-475b-a7e9-84c8d4c749de1033.mspx?mfr=true

But i get "The wizard cannot be started because it failed to contact the
active directory." error in Request New Certificate step.

So i'm concluding i now have to setup Active Directory. I would highly
appreciate a bare-bones description of how to set one up using Windows XP
(preferrably HOME, but i do have Professional as well), just to be able to
enroll a smartcard. I am not currently interested in using AD for anything
else.

Thanks,
Reshat.
 
ultranet said:
I was referred to the following instructions, and they appear to be on the
right track:
http://technet2.microsoft.com/Windo...216a-475b-a7e9-84c8d4c749de1033.mspx?mfr=true

But i get "The wizard cannot be started because it failed to contact the
active directory." error in Request New Certificate step.

So i'm concluding i now have to setup Active Directory. I would highly
appreciate a bare-bones description of how to set one up using Windows XP
(preferrably HOME, but i do have Professional as well), just to be able to
enroll a smartcard. I am not currently interested in using AD for anything
else.
Click to expand...

You can't set up Active Directory on an XP Home or Pro machine. Active
Directory is only available in a server operating system such as Small
Business Server 2003 RC2 or Windows Server 2003.

Malke
 
Malke said:
You can't set up Active Directory on an XP Home or Pro machine. Active
Directory is only available in a server operating system such as Small
Business Server 2003 RC2 or Windows Server 2003.
Click to expand...
That clears it up quite a bit.
To follow up on that:
1. Is it possible to install Active Directory separately?
2. If not, does it mean i can't use smartcard for authentication at all, or
is there another way? For instance, would it be possible to use a non-MS CA
(perhaps that way Active Directory wouldn't be required)?

Thanks,
Reshat.
 
ultranet said:
That clears it up quite a bit.
To follow up on that:
1. Is it possible to install Active Directory separately?
2. If not, does it mean i can't use smartcard for authentication at
all, or is there another way? For instance, would it be possible to
use a non-MS CA (perhaps that way Active Directory wouldn't be
required)?
Click to expand...

Active Directory is part of MS Server 2003/SBS 2003. It isn't a separate
component that you can install in a non-server operating system.

I won't pretend to be an expert on Smart Cards but there was another
thread about them in this newsgroup recently. Do a Google Groups
Advanced Search and constrain the search to this newsgroup. Use the
search term "smart card".

I also did a simple Google web search which came up with quite a few
useful links:
http://www.google.com/search?hl=en&lr=&q=how+to+use+smart+cards&btnG=Search

And what do you know, there's an article on microsoft.com about using
Smart Cards with XP:
http://www.microsoft.com/windowsxp/evaluation/features/smartcards.mspx

And this one:
http://search.technet.microsoft.com/search/default.aspx?siteId=1&tab=0&query=smart+cards

That should get you started.

Malke
 
Malke said:
Active Directory is part of MS Server 2003/SBS 2003. It isn't a separate
component that you can install in a non-server operating system.

I won't pretend to be an expert on Smart Cards but there was another
thread about them in this newsgroup recently. Do a Google Groups
Advanced Search and constrain the search to this newsgroup. Use the
search term "smart card".

I also did a simple Google web search which came up with quite a few
useful links:
http://www.google.com/search?hl=en&lr=&q=how+to+use+smart+cards&btnG=Search

And what do you know, there's an article on microsoft.com about using
Smart Cards with XP:
http://www.microsoft.com/windowsxp/evaluation/features/smartcards.mspx

And this one:
http://search.technet.microsoft.com/search/default.aspx?siteId=1&tab=0&query=smart+cards

That should get you started.
Click to expand...

From reading some of the references i'm also getting a confirmation that
smart-card-based authentication on Windows only works for domain logons, not
local ones. I've not looked into Linux side of this, but chances are there's
not anything ready to use at the moment their in terms of logon
authentication. For now this probably means that if one has a personal
computer w/ a smart-card reader, it will only be useful for app-based usage,
not for OS-based usage, unless one wants to invest into setting up a domain
using a Windows-based server OS.

Thanks.
 
Back
Top