Default Certificate Templates
408 Microsoft Windows Server 2008 Administration
Name Description Key Usage Subject
Cross-
Certification
Authority
Cross-certify and qualify
subordination
Signature CrossCA
Directory E-mail
Replication
E-mail replication within AD Signature and
Encryption
DirEmailRep
Domain
Controller
Certificate for domain
controllers
Signature and
Encryption
DirEmailRep
Domain
Controller
Authentication
Authenticate AD users and
computers
Signature and
Encryption
Computer
EFS Recovery
Agent
Decrypt files previously
encrypted with EFS
Encryption User
Enrollment
Agent
Request certificate on behalf of
another subject
Signature User/
Computer
Exchange
Enrollment
Agent
Request certificate on behalf
of another subject and by
supplying the subject name
in the request; used for offline
requests
Signature User
Exchange
Signature Only
Issue certificates for digitally
signing e-mail; used by MS
Exchange Key Management
Service
Signature User
Exchange User Issue certificates for encrypting
e-mail; used by MS Exchange
Key Management Service
Encryption User
IPSec Digitally sign, encrypt, and
decrypt network traffic
Signature and
Encryption
Computer
Key Recovery
Agent
Recover archive private keys Encryption KRA
RAS and IAS
Server
Remote Access Service (RAS)
and Internet Authentication
Service (IAS) server identity
authentication
Signature and
Encryption
Computer
Root CA Prove identity of the root CA Signature CA
Table 12-1.
Pages:
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445