August 2019
Intermediate to advanced
786 pages
20h 22m
English
Content preview from Mastering Active Directory - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Setting up a standalone root CA
The first step is to set up the standalone root CA. This is not a domain member server, and is operating on the workgroup level. Configuring it on a separate VLAN will add additional security to the root CA.
Once the server is ready, log into the server as a member of the local administrator group. The first task is to install the AD CS role service. This can be done using the following command:
Add-WindowsFeature ADCS-Cert-Authority -IncludeManagementTools
Once the role service is installed, the next step is to configure the role and get the CA up and running:
Install-ADcsCertificationAuthority -CACommonName "REBELAdmin Root CA" -CAType StandaloneRootCA -CryptoProviderName "RSA#Microsoft Software Key Storage ...