Does Configuration Manager Native Mode Have to Use a Single CA Hierarchy?

Over on the System Center Configuration Manager Team Blog, Carol Bailey posted some great information on Native Mode and certificates including a couple examples of multi-CA hierarchies.  If this sounds like you then you’ll definitely want to check this out:

========

We’ve seen this question come up a few times, and the simple answer is no – as long as the communicating computers have a trust in common, and the correct certificates are used, native mode works just fine.  This trust in common can use a single certification authority (CA) hierarchy or multiple CA hierarchies.  Because native mode is PKI-agnostic, this all happens at a lower level than Configuration Manager – we just need the PKI connection established before we can proceed with native mode communication.

To continue reading visit  http://blogs.technet.com/configmgrteam/archive/2009/01/28/does-configuration-manager-native-mode-have-to-use-a-single-ca-hierarchy.aspx

Enjoy!

J.C. Hornbeck | Manageability Knowledge Engineer