KCA has problems publishing to Microsoft Exchange Server

3 years ago

Originally Published: 2004-07-15

Article Number

000060282

Applies To

Keon Certificate Authority 6.0.2
Microsoft Windows 2000 Server SP4
Microsoft Exchange Server 2000
Microsoft Windows XP
Microsoft Outlook 2000
Microsoft Active Directory

Issue

KCA has problems publishing to Microsoft Exchange Server
Enable KCA Publishing to Exchange Server/GAL
If user is located in cn=users, dc=na, dc=acme, dc=com, certificate does get published to user's GAL. If the user is located anywhere else such as cn=users, ou=pki, dc=na, dc=acme, dc=com it fails to post.

Cause

User not located in standard Microsoft Active Directory location of cn=users, dc=na, dc=acme, dc=com

Resolution

Using multiple locations for User records in Active Directory is currently not supported with Microsoft Exchange/Outlook integration in RSA Keon CA.

The ActiveX component (kcaoutlook.dll) responsible for publishing the Certificate to the Global Address List (GAL) does not have administrative rights that enables it to search for user locations in the Active Directory through the LDAP interface. Therefore, it assumes the publishing location is always CN=<user name>, CN=Users, <base dn>, where 'base dn' is created from the FQDN of the exchange server (e.g. if FQDN is server.company.com, base dn is DC=server,DC=company,DC=com).

Don't see what you're looking for?

Related Articles

Trending Articles