Posts by Vadims Podāns
The mystery of “Valid existing certificate” setting in ADCS certificate templates – demystified
This is a follow-up of “Certificate renewal request is placed in pending state when Valid Existing Certificate is selected in certificate template” blog post and final nail into the subject. Let’s re-iterate the problem. ADCS Certificate Templates provide configuration for issuance requirements, which allows you to forcibly put request in pending state (no automatic issuance)…
Read MoreADCS Open Protocols specifications
Hello S-1-1-0, Today I want to talk about another area in ADCS I’m contributing to — Open Protocols specifications. Around 15 years ago, Microsoft moved toward to open source and started a new documentation branch called “Open Specifications”, where Microsoft publishes a very detailed Windows protocols specifications so third party can build compatible clients and…
Read MoreBook review – “Pro Active Directory Certificate Services” by Lawrence E. Hughes
Disclaimer: This review contains my personal opinion about the book and does not necessary reflect the company’s or other people opinion. Hello everyone, today I have a little-bit unusual blog post, which is a book review. As you may know, my primary interest area is Microsoft Active Directory Certificate Services (ADCS) and it there are…
Read MoreCertificate renewal request is placed in pending state when Valid Existing Certificate is selected in certificate template
Hello S-1-1-0, here is a new blog post in a long time. Today I want to talk about the issue when “Valid existing certificate” does not bypass CA Manager approval and/or enrollment agent requirement during certificate renewal in Microsoft CA. In certificate template settings, Issuance Requirements we can configure additional requirements for enrollment and re-enrollment…
Read MoreEnabling Active Directory Certificate Services (ADCS) advanced audit
Hello S-1-1-0, here is another unscheduled blog post on enabling advanced audit in Microsoft CA. Today I went through another thread on Twitter which suggests how to enable advanced audit in Microsoft CA. Throughout the thread it was apparent that only partial solution was provided. Windows CA auditing engines Microsoft CA implements a set of…
Read More