Extreme Networks Summit WM Technical Reference Manual page 37

Version 5.1

Hide thumbs Also See for Summit WM:

Installation instructions (1 page)

Getting started manual (126 pages)

Maintenance manual (130 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

page of 222

/ 222
Contents
Table of Contents
Bookmarks

Table of Contents

existing certificate templates, a feature that is only supported for Windows Server 2003, Enterprise

Edition, or Windows Server 2003, Datacenter Edition, enterprise CAs.

Only Windows XP and Windows Server 2003 wireless clients support user certificate autoenrollment.

To configure user certificate enrollment for a Windows Server 2003, Enterprise Edition, or Windows

Server 2003, Datacenter Edition, enterprise CA:

1 Click Start, click Run, type mmc, and then click OK.

2 On the File menu, click Add/Remove Snap-in, and then click Add.

3 Under Snap-in, double-click Certificate Templates, click Close, and then click OK.

4 In the console tree, click Certificate Templates. All of the certificate templates will be displayed in

the details pane.

5 In the details pane, click the User template.

6 On the Action menu, click Duplicate Template.

7 In the Display Name field, type WirelessUser (example name).

8 Make sure that the Publish Certificate in Active Directory check box is selected.

9 Click the Security tab.

10 In the Group or user names field, click Domain Users.

11 In the Permissions for Domain Users list, select the Enroll and Autoenroll permission check boxes

and then click OK.

12 Open the Certification Authority snap-in.

13 In the console tree, open Certification Authority, then the CA name, then Certificate Templates.

14 On the Action menu, point to New, and then click Certificate to Issue.

15 Click WirelessUser (example) and click OK

16 Open the Active Directory Users and Computers snap-in.

17 In the console tree, double-click Active Directory Users and Computers, right-click the domain

system container that contains the wireless user accounts, and then click Properties.

18 On the Group Policy tab, click the appropriate Group Policy object (the default object is Default

Domain Policy), and then click Edit.

19 In the console tree, open User Configuration, then Windows Settings, then Security Settings, then

Public Key Policies.

20 In the details pane, double-click Autoenrollment Settings

21 Click Enroll certificates automatically.

22 Select the Renew expired certificates, update pending certificates, and remove revoked certificates

check box.

23 Select the Update certificates that use certificate templates check box and click OK

Perform steps 17-23 for each domain system container as appropriate.

Best Practices

If you use a Windows Server 2003, Enterprise Edition, or Windows Server 2003, Datacenter Edition,

enterprise CA as an issuing CA, configure autoenrollment of user certificates to install user certificates

on all computers. Ensure that all appropriate domain system containers are configured for

autoenrollment of user certificates either through the inheriting of group policy settings of a parent

system container or explicit configuration.

Summit WM Technical Reference Guide, Software Version 5.1

Table of Contents

Extreme Networks Summit WM Technical Reference Manual page 37

Related Manuals for Extreme Networks Summit WM

Related Products for Extreme Networks Summit WM

Table of Contents