Mark Minasi's Tech Forum
Sign up Calendar Latest Topics
 
 
 


Reply
  Author   Comment  
rambog

Still Checking the Forum Out
Registered:
Posts: 1
Reply with quote  #1 
I am looking for a good doc/book that covers how to implement PKI to encompass certs needed by FIM, Office 365, ADFS, Azure (with SPN).  For example, FIM has its own Certificate Management component (formerly packaged as Certificate Lifecycle Manager, CLM) but wondering how that would integrate with a CA stood up in Windows 2012 R2 that is also being used, for example, Network Policy Server/Remote Access Role. In other words, many Microsoft technologies leverage PKI.  What is the best way to implement a PKI to wisely incorporate all these technologies?
0
DM-AVAL

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 79
Reply with quote  #2 
Currently there is no such book although the updated version of Brian Komar's "PKI book" may address some of your questions... when it comes out:

http://www.komarconsulting.com/Pages/default.aspx

The last version (for Server 2008) does not address O365, Azure or anything like that.

My advice would be to post on the Microsoft TechNet Security forum where both Brian Komar and Mark Cooper have been very helpful with me in the past. These two guys are arguably the foremost authorities on PKI at the time. If there is any up-to-date documentation on the subject, they might be able to point you in the right direction.

Security forum (TechNet):

https://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserversecurity

Just FYI, this is Mark Cooper's site:

https://pkisolutions.com/

Otherwise, I'm sure there's MS documentation available here and there but I doubt there is a single repository.

Search terms "Microsoft PKI ADCS" produces all kinds of hits but you'd have to sort through them, probably adding the terms that interest you "Azure", "Office 365".

By the way, do you already have a PKI in place?



0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 913
Reply with quote  #3 
Its a book I'd love to see and read as well.

Its everywhere now and troubleshooting non MS ADFS/ SSO/ PKI deployments is fun....not.



__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 913
Reply with quote  #4 
Busy with a lot of things, but I found this while looking for other info.
Not MS specific, but I've done a few of their courses and found them all worthwhile - https://www.coursera.org/learn/crypto#syllabus

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.