How can I retrieve the LDAP server certificate for Windows 2008 and 2003 global catalog servers?


First of all, I highly recommend installing an Enterprise root CA, as alluded to in the comments, because it makes certificate management loads easier. You can even script or configure automatic certificate requests and issuance policies, in addition to having a central source for certificates.

Having said that, the procedure for retrieving a machine certificate is fairly straightforward.

Log onto the machine in question. Open the Microsoft Management Console (MMC.exe). Go to Add/Remove Snap-in.... Select Certificates, Add ->. At the pop-up dialogue, select the Computer account radio button, hit Next > and select the Local Computer radio button and hit Finish (should be selected by default).

Click OK, and expand Certificates. The one you're looking for should be under a subfolder of Personal called Certificates, and if multiple are present, should be the one with the machine name in it, of Template type Computer, assuming a default certificate deployment configuration. See the screenshot below.

Certmgr.msc
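An added example, not part of the original answer: from a Linux host, fetch the certificate each domain controller presents on TCP/636 and TCP/3269 and keep it only if its SHA-1 matches the Thumbprint value read from that certificate's Details tab in the MMC view described above. The host names, the `expected` mapping and the availability of Python on the Linux side are assumptions.

```python
import hashlib
import socket
import ssl

LDAPS_PORTS = (636, 3269)  # LDAPS and global catalog over SSL

def thumbprint(der: bytes) -> str:
    """SHA-1 over the DER bytes, the value Windows displays as Thumbprint."""
    return hashlib.sha1(der).hexdigest()

def normalize(tp: str) -> str:
    """Keep hex digits only: drops spaces, colons and the invisible
    left-to-right mark that often comes along when copying from the dialog."""
    return "".join(c for c in tp.lower() if c in "0123456789abcdef")

def fetch_der(host: str, port: int, timeout: float = 5.0) -> bytes:
    """Return the server's leaf certificate without trusting it yet."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE  # trust is decided by the thumbprint check
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

def collect(hosts, expected, fetch=fetch_der):
    """Return {(host, port): PEM} for certificates matching the thumbprint
    recorded for that host; raise ValueError on the first mismatch."""
    trusted = {}
    for host in hosts:
        want = normalize(expected[host])
        for port in LDAPS_PORTS:
            der = fetch(host, port)
            got = thumbprint(der)
            if got != want:
                raise ValueError(f"{host}:{port} presented {got}, expected {want}")
            trusted[(host, port)] = ssl.DER_cert_to_PEM_cert(der)
    return trusted

if __name__ == "__main__":
    # Hypothetical host and placeholder thumbprint; each DC has its own entry.
    expected = {"dc1.example.test": "<thumbprint copied from the Details tab>"}
    for (host, port), pem in collect(list(expected), expected).items():
        with open(f"{host}_{port}.pem", "w") as fh:
            fh.write(pem)
```

Very old domain controllers may offer only TLS versions that a current OpenSSL build refuses by default, in which case the handshake in `fetch_der` fails before any certificate is returned.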


Author: Mike B

Technology Enthusiast, Gamer, Sci-Fi Addict, and DIY-er in training. =)

Updated on September 18, 2022

Comments

  • Mike B over 1 year

    Windows Server 2008 | Windows Server 2003

    I want to leverage LDAPS on a Linux appliance. The vendor requires the server certificate for my Windows 2008 | Windows 2003 global catalog servers so it can initiate secure calls to TCP/3269 (and perhaps TCP/636). For security purposes, they don't implicitly trust self-signed certs, so I need to retrieve it from the server and pre-load the public key on the appliance.

    Can someone point me to instructions for how to retrieve these server certs in Windows?

    • jscott over 11 years
      Are you running your own Certificate Authority?
    • ravi yarlagadda over 11 years
      ..and if you aren't, are you able to load multiple keys to trust? Each domain controller has a different one.
    • Mike B over 11 years
      @ShaneMadden I am able to load multiple keys to trust