Export (0) Print
Expand All

Securing Active Directory Certificate Services

Applies To: Windows Server 2008 R2

It is important to define and implement an Active Directory Certificate Services (AD CS) management model when you develop a certification authority (CA) infrastructure. This management model should complement your existing security management delegation plan and, if necessary, can help you meet Common Criteria requirements for role separation.

To ensure that a single individual cannot compromise public key infrastructure (PKI) services, it is best to distribute management roles across different individuals in your organization.

To understand the roles and activities associated with managing AD CS, see Implement Role-Based Administration.

For additional important security and management role-related tasks, see:

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

© 2015 Microsoft