Getting started with Microsoft Cloud PKI

This week is sort of another follow-up on the earlier posts about new Microsoft Intune Suite add-on capabilities. This time it’s all about the latest addition, Microsoft Cloud PKI (Cloud PKI). Cloud PKI provides organizations with a cloud-based service that simplifies and automates the certificate lifecycle management for Intune managed devices. It literally provides a public key infrastructure (PKI) from the cloud. That PKI environment can be built within a few minutes, by simply going through a couple of wizards. Even when relying on at least a two-tier hierarchy, with a root certificate authority (CA) and an issuing CA. There is no longer a need to maintain on-premises servers, connectors, or hardware. Cloud PKI handles the certificate issuance, renewal, and revocation for Intune managed devices. …

Read more

Five key configuration steps for implementing Internet-based clients in ConfigMgr 2012

This blog post is about the key configuration steps for implementing Internet-based clients in ConfigMgr 2012. By key configuration steps, I’m talking about the configuration of the web server certificate, IIS, site systems, site system roles and client installations. To understand these steps, knowledge of certificates, IIS and ConfigMgr is required, because it’s not a step-by-step configuration guide. Prerequisites Before going through these steps, there are a few important prerequisites that should be in place: Site systems for Internet-based client management must have connectivity to the Internet and must be in an Active Directory domain. A supporting public key infrastructure (PKI) has to be in place, that can deploy and manage the certificates that the clients require and that are managed on the Internet and …

Read more

How to install a ConfigMgr Client on a WORKGROUP computer, when the ConfigMgr Site is in Native Mode.

To install a ConfigMgr Client on a WORKGROUP computer is always a nice battle, when the ConfigMgr Site is in Native Mode. I think I am not the only one who didn’t work that much with certificates before ConfigMgr. So to make the basics of this process for everyone a bit easier I wrote down these seven steps for implementing the correct certificates and installing the ConfigMgr Client on a WORKGROUP client. These same steps can also be used for separate forests. Step 1. Export the Root Certificate for use on the WORKGROUP computer Logon to the Certification Authority server and create a folder to contain your certificate files (eg C:\Certificates). Open a command prompt and go to the just created folder. Use the following …

Read more