Microsoft ADCS Integration with TigerTrust
TigerTrust provides comprehensive integration with Microsoft Active Directory Certificate Services (ADCS) for enterprise Windows PKI management.
ADCS Integration
Connect TigerTrust to your Windows PKI:
- Web Enrollment: Direct integration with certsrv
- CEP/CES: Certificate Enrollment Policy/Service support
- NDES/SCEP: Network Device Enrollment Service
- Auto-Enrollment: Group Policy integration
Configuration
Configure ADCS with:
- CA server address
- Enrollment method (web, CEP, or NDES)
- Authentication type (Kerberos, NTLM, or certificate)
- Template configuration and auto-enrollment settings
Enrollment Methods
Web Enrollment: Direct web-based enrollment with certsrv.
CEP/CES:
- Certificate Enrollment Policy
- Template-based enrollment
- Cross-forest support
NDES/SCEP:
- Network device enrollment
- Mobile device certificates
- Challenge password support
Certificate Templates
Common ADCS Templates:
- Server: Web Server, Domain Controller, RAS and IAS Server
- Client: User, Computer, Workstation Authentication
- Code Signing: Code Signing
Active Directory Integration
Group Policy:
- Auto-enrollment settings
- Certificate mapping
- Template permissions
Forest/Domain:
- Cross-forest enrollment
- Multi-domain support
- Trust relationships
Non-Windows Support
Enroll non-Windows systems using web enrollment with TigerTrust agent for CSR generation and certificate deployment via SSH.
Monitoring
TigerTrust provides enhanced ADCS monitoring:
- Certificate expiration tracking
- Template usage analytics
- CA health monitoring
- CRL/OCSP status
Getting Started
- Configure ADCS Access: Set up enrollment endpoint
- Create Service Account: Configure TigerTrust credentials
- Add Integration: Configure ADCS in TigerTrust
- Map Templates: Configure certificate templates
- Enable Automation: Start certificate management
TigerTrust's ADCS integration extends your Windows PKI capabilities with cross-platform support and enhanced automation.