Security

last person joined: 7 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

NPS and AD CS on the same server

  • 1.  NPS and AD CS on the same server

    Posted Feb 15, 2012 11:39 AM

    Hello,

     

    We are in the process of installing a certificate authority in our domain in order to issue machines certs, however we were wondering what were the best practices for installing one.

     

    Would it cause a security issue to have the AD Certification Services on the same server as the NPS?

     

    Thanks



  • 2.  RE: NPS and AD CS on the same server

    Posted Feb 15, 2012 12:31 PM

    @Yann wrote:

    Hello,

     

    We are in the process of installing a certificate authority in our domain in order to issue machines certs, however we were wondering what were the best practices for installing one.

     

    Would it cause a security issue to have the AD Certification Services on the same server as the NPS?

     

    Thanks


    That would be fine.

     



  • 3.  RE: NPS and AD CS on the same server

    Posted Feb 20, 2012 05:10 AM
    It is generally considered best practise to have the CA server offline and detached from the network unless it is supposed to sign certificates. However in a small enviroment that might be expensive och otherwise impossible. Using the NPS server as a CA is no problem, I've seen several organisations using that approach and it has worked perfectly.