Automated CA build

[Wayne Harris]

Creating a hands off PKI install.

And Enterprise Root CA.

I need to set the DN to the following.

O=Parent Company

OU=Child Company

C=US

Somehow, i seem to only be able to set the CA's name. not the

Distinguished name. If I build the CA by hand, of course i can type

it in. But the automatic version of this seems to be tricky.

Here is my unattend.inf file:

[components]

certsrv=on

CertSrv_Server=on

CertSrv_Client=on

[Certsrv_Server]

CAType=EnterpriseRoot

CSPProvider="Microsoft Strong Cryptographic Provider"

HashAlgorithm=SHA1

KeyLength=2048

Locality="US"

Name="XYZ Corp Experimental CA R3"

Organization="Parent Corporation"

OrganizationUnit="Child Corp"

SharedFolder=c:\cainstall

UseSharedFolder=Yes

ValidityPeriod=5

ValidityPeriodUnits=Years

Here is my reference:

http://technet2.microsoft.com/windowsserve...3.mspx?mfr=true

I am using the following command prompt to launch it.

sysocmgr /i:sysoc.inf /u:c:\cainstall\unattend.inf

Anyone ever set the CA's DN from an unattended install? if so, how?

-Wayne

wayne_a_harris@hotmail.com

 

[Saurav Sinha [MSFT]]

Is this a Windows Server 2003 CA? If yes then we donot support setting the

DN for unattended setup for Windows Server 2003.

You can do it using the setup UI.

Here is the list of supported unattend.inf options for the CA:

http://technet2.microsoft.com/windowsserve...3.mspx?mfr=true