We are finally getting around to implementing the PKI infrastructure here and would like some advice.
I had emailed several days ago about Ldap - unix box authenicating to AD - and I got that working (in my test lab). Here is what I was going to implement and would like some advice or direction if this is way off base. Root (Stand-alone) CA (offline) Subordinate Enterprise CA on DC Is this normal practice or completely wrong. Would you recommend install on DC or is that a major NO NO. Any thoughts, or advice... Kind Regards, Jennifer Fountain 3400 E. Walnut Street Colmar, PA 18915 List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
