Beruflich Dokumente
Kultur Dokumente
Microsoft, Active Directory, Windows, and Windows Server are either registered
trademarks or trademarks of Microsoft Corporation in the United States and/or
other countries. The names of actual companies and products mentioned herein
may be the trademarks of their respective owners.
Page 1
Microsoft® Certificate Lifecycle Manager Beta 1
Page 2
Microsoft® Certificate Lifecycle Manager Beta 1
Introduction
This document describes how to install and configure Microsoft Certificate Lifecycle
Manager Beta 1 software quickly and efficiently for product feature evaluation in a lab
environment. For more comprehensive installation and configuration options, please
refer to the Microsoft Certificate Lifecycle Manager (CLM) Installation Guide.
Getting Started
Install the following software on a single server:
• Windows 2003 Enterprise Edition
• Windows 2003 Certification Authority
• Internet Information Server (IIS) v6
• Ensure the .NET Framework version 1.1 is installed
• Microsoft SQL Server 2000
• NOTE: Authentication must be set to Mixed Mode
• Optional
• Simple Mail Transfer Protocol (SMTP) Server with anonymous relaying
allowed
Installing CLM
Page 3
Microsoft® Certificate Lifecycle Manager Beta 1
Both files are on the Certificate Lifecycle Manager Install CD in the Schema
Directory.
2. Enable the default Key Recovery Agent certificate template the default
certificate template is KeyRecoveryAgent. The template is only available if it is
enabled on an active enterprise certificate authority (CA) in the CA hierarchy.
To do this, perform the following steps:
a) Log on as a user assigned the Manage CA permissions at the enterprise
CA.
b) Start the Windows Certification Authority snap-in, which can be found in
Administrative Tools in the Windows Control Panel.
c) Expand the default CA’s set of folders and select Certificate Templates in
the left pane.
d) With Certificate Templates selected, right-click and click New Certificate
Template to Issue from the pop-up menu.
e) Select Key Recovery Agent and click OK.
3. Enable the default Enrollment Agent certificate template the default
certificate template is EnrollmentAgent. The template is only available if it is
enabled on an active enterprise CA in the CA hierarchy. To do this, perform the
following steps:
a) Log on as a user assigned the Manage CA permissions at the enterprise
CA.
b) From Administrative Tools, start the Windows Certification Authority snap-
in.
c) Expand the default CA’s set of folders and select Certificate Templates in
the left pane of the snap-in.
d) With Certificate Templates selected, right-click and click New Certificate
Template to Issue from the pop-up menu.
e) Select Enrollment Agent and click OK.
Page 4
Microsoft® Certificate Lifecycle Manager Beta 1
Page 5
Microsoft® Certificate Lifecycle Manager Beta 1
14. On the Welcome page, click Express Configuration. This sets the following:
• SQL Server defaults are accepted (local default instance of SQL Server
with a blank password).
• The default Certificate Lifecycle Manager database account name is
clmsUser.
• The default SQL Server data folder is used.
• The default Directory Attribute and location is used to store configuration
information.
• The default CLM Agents are used. The container where users are created
is under CN=Users, DomainName (where DomainName is the LDAP
distinguished name of the current domain).
• The defaults assume that the CA is installed on the same machine where
Certificate Lifecycle Manager is installed.
• The default certificate template for the CLM Recovery Agent is
KeyRecoveryAgent.
• The default certificate template for the CLM Enrollment Agent is
EnrollmentAgent.
Page 6
Microsoft® Certificate Lifecycle Manager Beta 1
Page 8