Posted on 11-15-2020 05:24 PM
Just wondering in anyone has figured a way to make a redundant ADCS Connector server?
Posted on 11-16-2020 12:35 AM
@dlondon It has to be removed from the database. I had to put a call in with jamf to remove an old one from the PKI Certificates, as I am on Jamf Cloud, I don't have access the the db, although I would have put a call in anyway for help.
Posted on 11-16-2020 06:28 PM
Hi @geoff.widdowson thanks but I'm not sure we are talking about the same thing. Because a certificate service is a critical item, my System Admin Manager asked if it was possible to have more than one ADCS Connector server pointed at ADCS in some sort of redundant way e.g. round robin and have that sit behind something like a load balancer e.g. F5. I suspect the answer is no because the Jamf Pro server needs to have the certificates from the ADCS Connector server.
Posted on 11-16-2020 07:36 PM
I haven't tried this but you could terminate on your load balancer. Or create custom certs and bind them to IIS on both ADCS connectors.
Would be interested in a "supported" method myself to be honest.