Overview of the AD CS Server Role in Windows Server 2012

All PKI related components Deployed as a service in the AD CS server role Effect. AC CS server role It is called the role of many parts Service. Each role is responsible for services certain parts of the infrastructure of the certificate, and work together to build a complete Solutions.

In the role of AD CS role services:

Ø  CA:This component certificates Users, computers, and services. It is also Management validity of the certificate. Can multiple CA It is linked to the development of a PKI hierarchy.

Ø  CA Web Enrollment: This component provides a way to publish and update the certificate Non join -domain users, computers, and equipment are not directly connected to the network, Or for non -Windows operating system users.

Ø  OnlineResponder: You can use this component to configure and manage OCSP validation and Revocation checking. Online response to decoding a particular request certificate revocation status checking the status of the certificate, and returns a signed response containing the requested certificate Status information. Unlike Windows Server 2008 R2, you can install any version of the online response Windows Server 2012 certificate revocation data can come from a CA on a computer Running Windows Server 2003, Windows Server 2008, or from a non-Microsoft CA.

Ø  Network Device Enrollment Service: With this component, routers, switches, and other Network equipment from AD CS certificate. In Windows Server 2008 R2, this element only for enterprise and data center version, but with Windows Server 2012, you can install Role in any version of the service.

Ø  Certificate Enrollment Web Service: This part can be used as a proxy between Windows 7 And client computers and Windows CA. Part 8 This is new to Windows Server 2008 R2 and In Windows Server 2012 and requires Active Directory forest, and at least Windows Server 2008 R2 level. It enables a user to perform the following method to connect to the CA through a Web browser:

•  Request, updates, and install the issued certificate.
•  Take CRL.
•  Download the root certificate.
•  Register or via the Internet or across forests (new in Windows Server 2008 R2).

Ø  Certificate Enrollment Policy Web Service: This part is the new Windows Server 2008 This R2 and Windows Server 2012 enables users to obtain certificate enrollment policy information. Certificate Enrollment Web Services combine to achieve policy -based certificate of registration when the client computer is not a member of a domain or when a domain member is not connected to Domain.