CAs can be installed either as Enterprise or Stand-alone CAs. Stand-alone CAs are
most appropriate for generating certificates for entities outside of your organization.
Generally, you should install an Enterprise CA since it provides the most functionality
and greatest overall flexibility. It requires AD because it uses AD as a central store for
certificates and rides on its replication capabilities to publish its data to all its clients.
You can use certificates generated by an Enterprise CA for authenticating to your domain
using smart cards. An Enterprise PKI solution should be part of a larger overall
security initiative. While it does help create a more secure environment, its deployment
and subsequent use should be built around very good processes that tie in the various
aspects of PKI. You should pay careful attention to processes surrounding encryption,
identity management, provisioning, and revocation of certificates.
This page intentionally left blank
433
Windows PowerShell
13
434 Microsoft Windows Server 2008 Administration
Windows Server 2008 is the first operating system released by Microsoft that
ships with Windows PowerShell. Windows PowerShell is a command shell
similar to the traditional command prompt (cmd.exe), except it??™s much
more powerful. Not only does it include many more built-in commands, called cmdlets
(pronounced command-lets), but these cmdlets provide a more structured approach to
running command-line tasks and increase flexibility by allowing you to interact with
virtually anything in the operating system that can be interfaced with a cmdlet or the
.
Pages:
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460