Microsoft KB Archive/216904

= How to Access a Client Authentication Certificate in the Active Directory =

Article ID: 216904

Article Last Modified on 12/3/2007

-

APPLIES TO


 * Microsoft Internet Information Services 5.0
 * Microsoft Internet Information Services 6.0

-



This article was previously published under Q216904



SUMMARY
You can access a user's Client Authentication certificate from the Microsoft Windows Active Directory. A Client Authentication certificate is an optional UserCertificate property on the user object.



MORE INFORMATION
The following Visual Basic or Visual Basic Script code will access the UserCertificate object:

Dim oUser, vCert Dim strName, strDN StrName = "CN=Frodo Baggins" StrDN = "CN=Users,DC=iis,DC=nttest,DC=microsoft,DC=com" Set oUser = GetObject("LDAP://" & strName & "," & strDN) vCert = oUser.userCertificate Set oUser = Nothing

The strDN must be replaced with the domain information for your environment. In this example, it is set to the Users object in the IIS.nttest.microsoft.com domain.

You can set a user's client authentication certificate by using the Directory Management administration tool.

Note If Microsoft Certificate Services is installed, then the certificate is automatically added to the user's list of certificates when the client requests a certificate.

Additional query words: iis 5 iis5 iis 6 iis 6.0 iis6

Keywords: kbhowto KB216904

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.