Certificate FQDN example.local domain using example.com certificate

Hi, I have been able to set up certificates and RADIUS authentication on my example.local domain. I have my root enterprise CA issuing certificates and all is well (certificates show rootca.example.local as the issuer).

I am considering the possibilities of using certificates to sign the users' email. Rather than roll out a new cert infrastructure, can I implement my own in-house certificate infrastructure even though my Active Directory domain name is example.local, whereas our email domain is example.com?

Is there any way which I can issue certificates to computers in the Active Directory but use the example.com certificates instead?

I hope this makes sense

Thanks,
Chris

In article <1162298165.373554.153***@h48g2000cwc.googlegroups.com>, in the microsoft.public.win2000.security news group, <g***@hotmail.com> says...

> Hi, I have been able to set up certificates and RADIUS authentication on
> my example.local domain. I have my root enterprise CA issuing
> certificates and all is well (certificates show rootca.example.local as
> the issuer).
>
> I am considering the possibilities of using certificates to sign the
> users' email. Rather than roll out a new cert infrastructure, can I
> implement my own in-house certificate infrastructure even though my
> Active Directory domain name is example.local, whereas our email domain
> is example.com?

As long as the user's mail attribute in AD is example.com this will be fine. It makes no difference what the name of the CA is, what's important is that the subject name of the certificate matches the user's mail attribute, and if you enable the CA template to look up that information from AD, they will get the correct subject on the cert.

> Is there any way which I can issue certificates to computers in the
> Active Directory but use the example.com certificates instead?

You don't issue email certificates to computers, you issue them to users. A bigger problem is that unless you're only using these certificates internally they won't be any good. External users won't trust your internal PKI so the certs are essentially useless outside of your company.

--
Paul Adare - MVP Virtual Machines
Waiting for a bus is about as thrilling as fishing, with the similar tantalisation that something, sometime, somehow, will turn up. George Courtauld
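The two points made in the reply above, as an added example that is not part of the original thread: the address inside the certificate has to match the user's mail attribute whatever the issuing CA is called, and a recipient who does not hold the internal root cannot validate the signature chain. It uses the Python `cryptography` package; the address chris@example.com and the "external" root are constructed sample values, and the trust check is a bare signature check, not full path validation.

```python
import datetime
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

def name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])

def issue(subject_cn, subject_key, issuer_cn, issuer_key, email=None):
    """Issue a constructed test certificate; email goes into the SAN as rfc822Name."""
    now = datetime.datetime.now(datetime.timezone.utc)
    builder = (x509.CertificateBuilder()
               .subject_name(name(subject_cn)).issuer_name(name(issuer_cn))
               .public_key(subject_key.public_key()).serial_number(x509.random_serial_number())
               .not_valid_before(now - datetime.timedelta(minutes=5))
               .not_valid_after(now + datetime.timedelta(days=365)))
    if email:
        san = x509.SubjectAlternativeName([x509.RFC822Name(email)])
        builder = builder.add_extension(san, critical=False)
    return builder.sign(issuer_key, hashes.SHA256())

def cert_emails(cert):
    """Addresses the certificate asserts: subject E= plus SAN rfc822Name entries."""
    found = [a.value for a in cert.subject.get_attributes_for_oid(NameOID.EMAIL_ADDRESS)]
    try:
        san = cert.extensions.get_extension_for_class(x509.SubjectAlternativeName)
        found += san.value.get_values_for_type(x509.RFC822Name)
    except x509.ExtensionNotFound:
        pass
    return {e.lower() for e in found}  # assumption: addresses compared case-insensitively

def signed_by_trusted_root(cert, roots):
    """Signature check only; no validity, revocation or path building."""
    for root in roots:
        try:
            root.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                     ec.ECDSA(cert.signature_hash_algorithm))
            return True
        except InvalidSignature:
            continue
    return False

# Constructed sample: internal CA named after the AD domain, user mail in example.com.
ca_key, user_key, other_key = (ec.generate_private_key(ec.SECP256R1()) for _ in range(3))
ROOT = issue("rootca.example.local", ca_key, "rootca.example.local", ca_key)
USER = issue("Chris", user_key, "rootca.example.local", ca_key, email="chris@example.com")
EXTERNAL = issue("Public Root (constructed)", other_key, "Public Root (constructed)", other_key)
```

`cert_emails(USER)` contains the example.com address even though the issuer is rootca.example.local, while `signed_by_trusted_root(USER, [EXTERNAL])` is false for a recipient whose trust store lacks the internal root.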