![]() The DCs run Server 20 (with the former on the chopping block sometime in the near future, to be replaced by a Server 2019 one). So is it safe to just remove ADCS? I believe it's just installed by default if you promote something to a Domain Controller (or at least add the role), but I can't think of any time I've interacted with it. ![]() ![]() I might be mistaken, and it has nothing to do with this. Users do not use PKI, only username and password, and it seems as if ADCS has something to do with authenticating CAs associated with smart card tokens. This seems to be the primary function of ADCS, and I don't appear to use it. I do not generate certs in-house for anything - workstations are allowed to Self-Sign, and my parent org has steps to follow for generating cert requests locally on our servers to be passed up the chain to a third-party CA. In Server Roles, check Active Directory Certificate Services. ![]() Leave default Server Selection, click on Next. Select Role-based and feature-based installation, click on Next. Thinking back through the MS Server courses I've sat, I don't remember anything on it, so I dug about online and I'm leaning towards "no". Procedure Authority Type, Make sure that Microsoft ADCS is selected. Install Active Directory Certificate Services (AD CS) Go to Server Manager, click Add roles and features. I have an AD setup that apparently has a vulnerability related to the Certificate Services feature. Digital certificates are used to provide:Authentication by associating certificate keys with computer, user, or device accounts on a computer networkYou can use.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |