Configuring a Windows Server 2008 front-end web enrollment server for delegation

  After you install the web enrollment pages on an external IIS7 web server, 2 additional steps are required: On the service account running the website in IIS 7 (commonly the computer account/Network Service account): –       Trust the security principal for delegation against the back-end server –       The minimum permissions required are for RPCSS and HOST services…

2

Requiring Smart Cards for logon – what happens when CRL publication fails

Let’s say your organization wants to make smartcards mandatory for all users as part of a security push, i.e. implement ‘two-factor authentication’ (“something you have and something you know”). The concern however is that if revocation checks for either the Domain Controller certificate (from the client side) or the Smartcard certificate (from the Domain Controller…

2