Summary (Certificate Autoenrollment in Windows Server 2003)

Applies To: Windows Server 2003 with SP1

Windows Server 2003, Enterprise Edition through the Certificate Services component provides user certificate autoenrollment. This allows administrators to easily deploy certificates throughout the enterprise while requiring no user interaction. User certificate autoenrollment in the Windows XP Professional and Windows Server 2003 operating systems builds on Microsofts long-established reputation for shipping robust PKI components that have a low TCO. Since PKI is an integral part of the Windows XP Professional operating system, Windows Server 2003 PKI provides some distinct advantages over third-party add-in components. These advantages include:

• No per-certificate fees or per-user PKI licenses

• Centralized user security management

• Integration with normal enterprise management tasks

• Single sign-on capabilities to networks and applications

• Managed trust capabilities

• Support for all applications through CryptoAPI

Keep in mind that almost all third-party PKIs must be purchased separately, and require per-certificate license fees and increased management tasks.

Overall, certificate autoenrollment features in Windows Server 2003 should provide organizations and enterprises with the ability to effortlessly deploy digital certificates and PKI-enabled applications with little or no additional cost to a normal IT operations budget.