Smart Card logon on W2K Network...

Archived from groups: microsoft.public.win2000.security (More info?)

Hi security gurus,

I'm currently trying to implement smart card logon on my company's W2K AD
network. So far, I've set up (in a test environment of course) an internal
Enterprise CA and am also using third-party certificates to validate the
cards. My question pertains to CRL's, or specifically, the retrieval of the
CRL. Currently, the CDP on the card points to an LDAP site, but for testing
purposes I am operating in a closed network.

My question is, if I have a current copy of the CRL, how exactly do I enter
it into AD and point the cards to retrieve it from there instead of the site
that's on the card? Is this even possible? Thank you in advance.
2 answers Last reply
More about smart card logon network
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    The computer/application will refer to the certificate details page - CRL
    distribution points to find the CRL so you need to configure such before you
    start issuing certificates. The link below should be able to help you out on
    how to modify CRL distribution points. Possibly an internal website or
    fileshare would work for you. --- Steve

    http://www.microsoft.com/technet/security/topics/cryptographyetc/tshtcrl.mspx

    "bill" <bill@discussions.microsoft.com> wrote in message
    news:59ABE337-9990-4D62-9374-772322A00D39@microsoft.com...
    > Hi security gurus,
    >
    > I'm currently trying to implement smart card logon on my company's W2K AD
    > network. So far, I've set up (in a test environment of course) an internal
    > Enterprise CA and am also using third-party certificates to validate the
    > cards. My question pertains to CRL's, or specifically, the retrieval of
    > the
    > CRL. Currently, the CDP on the card points to an LDAP site, but for
    > testing
    > purposes I am operating in a closed network.
    >
    > My question is, if I have a current copy of the CRL, how exactly do I
    > enter
    > it into AD and point the cards to retrieve it from there instead of the
    > site
    > that's on the card? Is this even possible? Thank you in advance.
  2. We are smart card manufacturers in India, High level of security with mutual authentication, strong data encryption, and read/write capabilities with 64-bit diversified keys.
    http://id-smartcards.com/products.html


    bill said:
    Archived from groups: microsoft.public.win2000.security (More info?)

    Hi security gurus,

    I'm currently trying to implement smart card logon on my company's W2K AD
    network. So far, I've set up (in a test environment of course) an internal
    Enterprise CA and am also using third-party certificates to validate the
    cards. My question pertains to CRL's, or specifically, the retrieval of the
    CRL. Currently, the CDP on the card points to an LDAP site, but for testing
    purposes I am operating in a closed network.

    My question is, if I have a current copy of the CRL, how exactly do I enter
    it into AD and point the cards to retrieve it from there instead of the site
    that's on the card? Is this even possible? Thank you in advance.
Ask a new question

Read More

Security Microsoft Windows