Users Guide
162 Using the DRAC 5 With Microsoft Active Directory
Enabling SSL on a Domain Controller
If you are using Microsoft Enterprise Root CA to automatically assign all your
domain controllers to an SSL certificate, perform the following steps to
enable SSL on each domain controller.
1
Install a Microsoft Enterprise Root CA on a Domain Controller.
a
Select
Start
→
Control Panel
→
Add or Remove Programs
.
b
Select
Add/Remove Windows Components
.
c
In the
Windows Components
Wizard
, select the
Certificate Services
check box.
d
Select
Enterprise root CA
as
CA Type
and click
Next
.
e
Enter
Common name for this CA
, click
Next
, and click
Finish
.
2
Enable SSL on each of your domain controllers by installing the SSL
certificate for each controller.
a
Click
Start
→
Administrative Tools
→
Domain Security Policy
.
b
Expand the
Public Key Policies
folder, right-click
Automatic
Certificate Request Settings
and click
Automatic Certificate
Request
.
c
In the
Automatic Certificate Request Setup Wizard
, click
Next
and
select
Domain Controller
.
d
Click
Next
and click
Finish
.
Exporting the Domain Controller Root CA Certificate
NOTE: If your system is running Windows 2000, the following steps may vary.
1
Locate the domain controller that is running the Microsoft Enterprise CA
service.
2
Click
Start
→
Run
.
3
In the
Run
field, type
mmc
and click
OK
.
4
In the
Console 1
(MMC) window, click
File (
or
Console
on Windows 2000
machines
)
and select
Add/Remove Snap-in
.
5
In the
Add/Remove Snap-In
window, click
Add
.
6
In the
Standalone Snap-In
window, select
Certificates
and click
Add
.