Integrating MDI with AD CS
Just as you learned some fundamental knowledge about AD FS, we will start off this section by taking a few steps back to give you a high-level overview of AD CS.
Let’s start by looking at the most common terms when it comes to AD CS:
- Active Directory Certificate Services (AD CS): Microsoft’s PKI implementation.
- Certificate Authority (CA): PKI server that issues certificates.
- Certificate template: A collection of settings and policies that define the contents of a certificate issued by an enterprise CA.
- Certificate Signing Request (CSR): A message sent to a CA to request a signed certificate.
- Extended/Enhanced Key Usage (EKU): One or more object identifiers (OIDs) that define how a certificate can be used.
- Enterprise CA: CA integrated with AD (as opposed to a standalone CA); offers certificate templates
- Public Key Infrastructure (PKI): A system to manage certificates/public key encryption
For an enterprise...
