Export (0) Print
Expand All
Expand Minimize

IIS 6.0 F1: Secure Communications - Account Mappings Many-to-1 Tab

Applies To: Windows Server 2008 R2

Use this tab to enable many-to-one mapping. Many-to-one mapping uses wildcard matching rules that verify whether a client certificate contains specific information, such as issuer or subject. This mapping does not compare the actual client certificate, but rather accepts all client certificates fulfilling the specific criteria. If a client gets another certificate containing all of the same user information, the existing mapping will still works. You can list matching rules for a certificate by clicking the Rule Description header, or list the matching rules by the account they are mapped to, by clicking the Mapped Windows Account header. Certificates do not need to be exported for use in many-to-one mapping.

ImportantImportant
To ensure that changes to matching rules are enacted, stop and restart the Web site.

Enable Wildcard Client Certificate Matching

Select to configure IIS by enabling custom matching rules that check whether client certificate fields match pre-defined criteria.

Edit Rule

Click to modify the currently selected matching rule.

Add

Click to create a custom rule for checking a client certificate's fields for specific information before mapping the certificate to a Windows user account.

Delete

Click to remove the currently selected custom matching rule. To select multiple mappings, either press the CTRL key while selecting individual accounts, or press the SHIFT key while selecting a range of accounts.

Move Up

Click to move the currently selected rule higher in the matching rules list. Moving a rule higher in the list gives it a higher priority.

Move Down

Click to move a rule lower in the matching rules list. Moving a rule lower in the list gives it a lower priority.

noteNote
If two rules that are defined for the same certificate criteria conflict, the rule with the higher priority is used, and the other rule is ignored. You can list the rules either by their names, by clicking on the Rule Description header, or by the account they are mapped to, by clicking the Mapped Windows Account header.

Related Topics

To learn more about certificate mapping and certificates, see the IIS 6.0 online documentation on the Microsoft Windows Server TechCenter.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft