Archived from groups: microsoft.public.win2000.security (
More info?)
Hi Andrey.
I am not familiar with Outlook so I can't really advise on that. You might
also want to post in an Outlook and/or Exchange newsgroup. --- Steve
"Andrey Kreitor" <kreit@mail.ru> wrote in message
news:670d9223.0410072056.3a3d96fe@posting.google.com...
> Hi,
> Sometimes operations like cert revoking, crls publishing are quite
> time consuming, preceding exchange kms installations with non
> recoverable private keys etc... and i need that users would be
> e-mailed with "right" certs
>
> it seems when i click "publish in gal" button in outlook, the
> certificate i use at this very moment becomes the first available for
> other AD users. Am i right?
>
> I tried to clear users' cert attributes via ADSI edit, but something
> goes wrong and mmc console just hangs and quits after all... Probably
> there is some kind of script?
>
> Thanks in advance.
>
>
>
>
> "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
> news:<4Xh9d.200057$MQ5.98887@attbi_s52>...
>> I believe the user account will use the first available certificate that
>> can
>> authenticate the user if there is more than one certificate that can be
>> used. I don't know if you can create a default certificate and am not
>> sure
>> of what the advantage of that would be anyhow. If you have users that
>> have
>> certificates that they are not supposed to have you may have to revoke
>> their
>> certificates and review who has permissions to enroll for certificates
>> which
>> you can manage in AD Sites and Services but you will have to select view
>> and
>> enable the services node to access the certificate templates. --- Steve
>>
>>
>> "Andrey Kreitor" <kreit@mail.ru> wrote in message
>> news:670d9223.0410070632.41a0b513@posting.google.com...
>> > Hi,
>> > Please let me know which one of the published in AD certificates
>> > Outlook does use? For example a user may have multiple certificates
>> > published in AD.
>> > I know, first it looks at usersmime...attribute, then usercertificate
>> > attr.
>> >
>> > How to assign a "default certificate" in AD for a particular account ?