Summary (Certificate Autoenrollment in Windows Server 2003)
Updated: January 1, 2003
Applies To: Windows Server 2003 with SP1
Windows Server 2003, Enterprise Edition through the Certificate Services component provides user certificate autoenrollment. This allows administrators to easily deploy certificates throughout the enterprise while requiring no user interaction. User certificate autoenrollment in the Windows XP Professional and Windows Server 2003 operating systems builds on Microsofts long-established reputation for shipping robust PKI components that have a low TCO. Since PKI is an integral part of the Windows XP Professional operating system, Windows Server 2003 PKI provides some distinct advantages over third-party add-in components. These advantages include:
No per-certificate fees or per-user PKI licenses
Centralized user security management
Integration with normal enterprise management tasks
Single sign-on capabilities to networks and applications
Managed trust capabilities
Support for all applications through CryptoAPI
Keep in mind that almost all third-party PKIs must be purchased separately, and require per-certificate license fees and increased management tasks.
Overall, certificate autoenrollment features in Windows Server 2003 should provide organizations and enterprises with the ability to effortlessly deploy digital certificates and PKI-enabled applications with little or no additional cost to a normal IT operations budget.