TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Microsoft Edge
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Skype for Business
See all products »
Resources
Channel 9 Video
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Windows Update
Trials
Windows Server 2016
System Center 2016
Windows 10 Enterprise
SQL Server 2016
See all trials »
Related Sites
Microsoft Download Center
Microsoft Evaluation Center
Drivers
Windows Sysinternals
TechNet Gallery
Training
Expert-led, virtual classes
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
Microsoft Official Courses On-Demand
Certifications
Certification overview
Special offers
MCSE Cloud Platform and Infrastructure
MCSE: Mobility
MCSE: Data Management and Analytics
MCSE Productivity
Other resources
Microsoft Events
Exam Replay
Born To Learn blog
Find technical communities in your area
Azure training
Official Practice Tests
Support options
For business
For developers
For IT professionals
For technical support
Support offerings
More support
Microsoft Premier Online
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
Home
Library
Wiki
Learn
Gallery
Downloads
Support
Forums
Blogs
Resources For IT Professionals
United States (English)
Россия (Pусский)
中国(简体中文)
Brasil (Português)
Skip to locale bar
Get this Tag RSS feed
Translate this page
Powered by
Microsoft® Translator
Popular Tags
Active Directory
AD
AD DS
adfs
ASP.NET
azure
BizTalk
BizTalk Server
BizTalk Server 2010
C#
Candidate for deletion
certification
cloud
core docs
de-DE
EAA
Ed Price
Ed's Stub Pages
en-US
ESA
es-ES
Excel
Exchange
Exchange 2010
fa-IR
Fernando Lugao Veltem
FIM
FIM 2010
FIM Resources
FIM-HELP
forefront
forums
fr-FR
Gokan Ozcifci
has code
has comment
has comments
has image
has Images
has Other Languages
has See Also
Has Table
Has TOC
Horizon_Net
How To
Hyper-V
id-ID
IIS
Italian Wiki Articles
it-IT
ja-JP
Jordano Mazzoni
Link Collection
Luciano Lima
Luigi Bruno
Lync Server 2010
MIISILMFIM MACAULAY
Multi Language Wiki Articles
needs work
operations manager
Pirated Content
Portal
Português Brasil
PowerShell
pt-BR
security
SharePoint
SharePoint 2010
SharePoint 2013
SharePoint Pirate
Small Basic
solucionando problemas
SQL Server
SQL Server 2012
stub
System Center
System Center 2012
TechNet Guru
TechNet Wiki
TechNet Wiki Featured Article
tonyso
Translated into Japanese
troubleshooting
tr-TR
vídeo
Video
Virtualization
VMM
Wiki
Windows
Windows 7
Windows 8
Windows Azure
Windows Server
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
yottun8
اکتیو دایرکتوری
Browse by Tags
>
TechNet Articles
>
All Tags
>
CRL
Tagged Content List
Wiki Page:
How to Publish the CRL on a Separate Web Server
Maheshkumar S Tiwari
By default, an issuing enterprise CA publishes its certificate revocation list (CRL) to locations within the forest. When you are using Internet-based client management with Configuration Manager, there are scenarios where you might need to publish the CRL on a separate server, outside the forest....
on
13 Sep 2013
Wiki Page:
How to Configure UAG to Publish Your Private Certificate Revocation List
Maheshkumar S Tiwari
[This article originally appeared in the Edge Man blog at http://blogs.technet.com/b/tomshinder/archive/2010/08/03/how-to-configure-uag-to-publish-your-private-certificate-revocation-list.aspx . Feel free to enhance and improve it! --Tom.] In order for SSTP (Secure Socket Tunneling Protocol) and...
on
10 Sep 2013
Wiki Page:
Certificate Revocation List (CRL) Verification - an Application Choice
Naomi N
It seems to be a FAQ disabling revocation checking in specific scenarios. This can be either a test or a formerly badly configured environment. While it is not recommended to turn off revocation checking , I want to provide you some references where you can find technical information to alter the...
on
23 Aug 2013
Wiki Page:
Understanding Access to Microsoft Certificate Revocation List
Carsten Siemens
High-Level Overview We encourage you to enhance this guide by identifying missing areas (scenarios, features, lifecycle...), provide links to and write descriptions of existing content, and providing new content where there are gaps. Join the community ! Introduction...
on
23 Aug 2013
Wiki Page:
AD FS 2.0 & Higher: Truncate strings in claims using RegEx
Joji Oshima
Scenario: There is an incoming claim ( or user attribute ) that is being sent to a relying party When the claim is sent, the value must not exceed a certain character limit Data that exceeds this limit must be truncated to accommodate this requirement Example: Incoming claim http...
on
21 Aug 2013
Wiki Page:
How to Publish New Certificate Revocation List (CRL) from Offline Root CA to Active Directory and Inetpub
Naomi N
It is highly recommended when building your Microsoft PKI (Public Key Infrastructure) to have your Root CA offline after issuing the Enterprise Sub CA certificates. It is recommended to minimize the access to the Offline Root CA as possible. The Root CA is not a domain joined machine and can be turned...
on
16 Aug 2013
Wiki Page:
AD FS 2.0: Selectively send group membership(s) as a claim
JaredPoeppelman
You can send group membership as claims by using the built in templates Create a new rule, choose “Send LDAP Attributes as Claims” Choose Active Directory as the Attribute Store, and choose the LDAP Attribute “Token-Groups – Unqualified Names” and the claim type as “Group” This will send...
on
22 May 2013
Wiki Page:
AD LDS and ADAM: Publishing a Certificate Revocation List (CRL) to the Directory Fails
Richard Mueller
Symptoms Publishing a certificate revocation list (CRL) to AD LDS or ADAM fails The publishing method could be certutil.exe or a directory synchronization tool You may see events similar to the following: Log Name: ADAM (Instance-Name) Source: ADAM [Instance-Name] LDAP Date...
on
3 Apr 2013
Wiki Page:
Large CRLs: What is Added to a Certificate Revocation List (CRL)?
Browse Organic
This article discusses the reasons a certificate revocation list (CRL) can become large. The contents of this article include the following: Table of Contents What makes large CRL? Additional References What makes large CRL? There is really one item that makes the CRL grow: revoked certificates...
on
14 Mar 2013
Wiki Page:
AD FS 2.0: Dynamic Claim Types
Joji Oshima
Dynamic Claim Types There is data stored about a user in a SQL database ( or other attribute store ). The data stored about the user in the database needs to be a part of the claim type and not the value of the claim. For example, properties “ Redmond ” and “ Building3 ” stored in a database...
on
28 Feb 2013
Wiki Page:
AD FS 2.0: Domain Local Groups in a claim
Joji Oshima
Introduction The basic method for adding group memberships into claims is using Send LDAP Attributes as Claims and picking one of the tokenGroups options. This method works for global and universal groups, but will leave out any domain local groups. The primary reason for this is there is no intuitive...
on
4 Oct 2012
Wiki Page:
UAG DirectAccess Test Lab Guide CRL Check Update
Thomas W Shinder - MSFT
Jim Harrison recently pointed out to me that there’s a small problem with the UAG DirectAccess Test Lab Guide, which you can find over at http://technet.microsoft.com/en-us/library/ee861167.aspx If you haven’t seen the Test Lab Guide yet, or if you haven’t had a chance to run it, I...
on
26 May 2010
Page 1 of 1 (12 items)
Can't find it? Write it!
Post an Article