Book Image

Windows Server 2016 Cookbook

By : Jordan Krause
Book Image

Windows Server 2016 Cookbook

By: Jordan Krause

Overview of this book

This hands-on Cookbook is stuffed full of practical recipes that will help you handle the essential administrative tasks in Windows Server 2016. You’ll start by familiarizing yourself with the look and feel of Windows Server 2016, and will then learn how to navigate through some daily tasks using the graphical interface. You will see how to compose optimal Group Policies and facilitate task automation with PowerShell 5.0 scripting. We will also take a look at the functions available to provide remote network access to your traveling users, and explore the much anticipated Nano Server and Hyper-V built-in integration support that is brand new in Windows Server 2016. By the end of this book, you will know how to take your Windows Server 2016-powered server and turn it into any common infrastructure role that might be required in your company.
Table of Contents (18 chapters)
Windows Server 2016 Cookbook
Credits
About the Author
About the Reviewer
www.PacktPub.com
Preface

Configuring Autoenrollment to issue certificates to all domain joined systems


A lot of the new technologies requiring certificates to be used for authentication require those certificates to be distributed on a large scale. For example, if we want to use the Computer certificate for DirectAccess authentication, we need to issue a certificate to every DirectAccess client computer. This could be thousands of laptops in your network. If we want to start encrypting traffic inside the network with IPsec and require certificates to be distributed for that purpose, you would potentially need to issue some kind of machine certificate to every computer inside your network. While you could certainly issue each by hand using either the MMC console or the CA web interface, that doesn't sound like very much fun.

Enter Autoenrollment. We can turn on this feature, which is sort of like flipping a switch in Active Directory, and in doing so we can tell AD to issue certificates automatically to the computers...