Cisco Cisco NAC Appliance 4.9.1 技术手册
Obtain the certificate on the Domain Controller (DC).
When you request a certificate for DC, make sure to put the CN as Active Directory fully qualified
domain name. LDAPS certificate is located in the personal certificate store of the local computer.
Refer to How to enable LDAP over SSL with a third−party certification authority for more
information.
domain name. LDAPS certificate is located in the personal certificate store of the local computer.
Refer to How to enable LDAP over SSL with a third−party certification authority for more
information.
3.
Configure the Domain Controller for SSL.
On your DC, choose Start > All Programs > Administrative Tools > Active Directory
Users and Computer.
Users and Computer.
a.
In the Active Directory Users and Computers window, right−click on your domain name and
choose Properties.
choose Properties.
b.
In the Domain Properties dialog box, choose the Group Policy tab.
c.
Choose the Default Domain Policy group policy and then click Edit.
d.
Choose Computer Configuration > Windows Settings.
e.
Choose Security Settings and then choose Public Key Policies.
f.
Choose Automatic Certificate Request Settings.
g.
Use the wizard in order to add a policy for Domain Controllers as in this example:
h.
4.