|Applies To||Keon Certificate Authority 6.0.2|
Microsoft Windows 2000 Server SP4
Microsoft Exchange Server 2000
Microsoft Windows XP
Microsoft Outlook 2000
Microsoft Active Directory
|Issue||KCA has problems publishing to Microsoft Exchange Server|
Enable KCA Publishing to Exchange Server/GAL
If user is located in cn=users, dc=na, dc=acme, dc=com, certificate does get published to user's GAL. If the user is located anywhere else such as cn=users, ou=pki, dc=na, dc=acme, dc=com it fails to post.
User not located in standard Microsoft Active Directory location of cn=users, dc=na, dc=acme, dc=com
|Resolution||Using multiple locations for User records in Active Directory is currently not supported with Microsoft Exchange/Outlook integration in RSA Keon CA.|
The ActiveX component (kcaoutlook.dll) responsible for publishing the Certificate to the Global Address List (GAL) does not have administrative rights that enables it to search for user locations in the Active Directory through the LDAP interface. Therefore, it assumes the publishing location is always CN=<user name>, CN=Users, <base dn>, where 'base dn' is created from the FQDN of the exchange server (e.g. if FQDN is server.company.com, base dn is DC=server,DC=company,DC=com).
|Legacy Article ID||a22266|