Welcome to Part 2 of our discussion of Certificates, SCEP, and 802.1x. In our first post we took a look at what certificates are and how they work. Today we will take a look at Active Directory and Active Directory Certificate Services.
Active Directory is often used as a broad term to describe several concepts and services. There is much, much more to AD, but this isn’t a Microsoft AD course, so we’ll only cover what we need to know here.
AD CS Connector started as a custom piece of software written by Jamf for a large customer. It’s now used by many customers who cannot utilize SCEP in their environment.
A web proxy is a web server that accepts and sends communication over the internet on behalf of another service. This ensures critical services, like Active Directory, are not exposed to the security risks of the internet.
An Application Pool is a collection of one or more URLs that can be served by a worker process, and it provides isolation: applications that run on one application pool are in no way affected by other applications that run on different application pools.
Client Certificate Mapping Authentication is a form of certificate-based authentication for the IIS Access User. This service account is used to run the processes in the AD CS Connector application, and the certificate is used to authenticate this account. This process helps to secure access to the AD CS Connector application.
That’s all for part two! Stay tuned to learn more about some of the other technologies surrounding certificates!