Sign in with
Sign up | Sign in
Your question

certificate authentication

Last response: in Windows 2000/NT
Share
Anonymous
April 29, 2005 2:22:37 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Hi,

I have a Windows 2003 server domain with Active Directory on and an
Enterprise Certification Authority.
The problem is :

I have a phisical person who has two AD accounts, one as user and onother as
administrator
I have to give to him a smart card and remove the user name/password logon

Can I generate two authentication certificates on the same samrt card?
Can I choose (using windows logon) wich user log to the system?
Do I have any component to modify/create to do this ?

At the end of all, is this thing possible?

Hope in your help
Anonymous
May 7, 2005 11:20:37 AM

Archived from groups: microsoft.public.win2000.security (More info?)

1. Yes you can put two authN certificates on the card.

2. However, you cannot choose from multiple certs for logon. This
functionality is being considered for future releases.

--
David B. Cross [MS]
--
This posting is provided "AS IS" with no warranties, and confers no rights.


Top Whitepapers:

Auto-enrollment whitepaper:
http://www.microsoft.com/technet/prodtechnol/windowsser...

Best Practices for implementing Windows Server 2003 PKI:
http://www.microsoft.com/technet/prodtechnol/windowsser...

Troubleshooting Certificate Status and Revocation whitepaper:
http://www.microsoft.com/technet/security/topics/crypto...

Windows Server 2003 web enrollment and troubleshooting guide:
http://www.microsoft.com/technet/prodtechnol/windowsser...
"Roberto Murasso (Tiscali)" <rmurasso@tiscalinet.it> wrote in message
news:%237Pa2$CTFHA.3332@TK2MSFTNGP15.phx.gbl...
> Hi,
>
> I have a Windows 2003 server domain with Active Directory on and an
> Enterprise Certification Authority.
> The problem is :
>
> I have a phisical person who has two AD accounts, one as user and onother
> as administrator
> I have to give to him a smart card and remove the user name/password logon
>
> Can I generate two authentication certificates on the same samrt card?
> Can I choose (using windows logon) wich user log to the system?
> Do I have any component to modify/create to do this ?
>
> At the end of all, is this thing possible?
>
> Hope in your help
>
>
!