Keith Combs' Blahg

Ramblings from another nerd on the grid

HSPD-12 Logical Access Authentication and Active Directory Domains

HSPD-12 Logical Access Authentication and Active Directory Domains

  • Comments 3
  • Likes

ws2008 r2 blog logo This document explains the interdependencies between Active Directory Domain Services (AD DS) and Public Key Infrastructure (PKI) related to USA Homeland Security Presidential Directive 12 (HSPD-12) smart card logon. Topics concerning the Federal PKI Common Policy Root certificate, Extended Key Usage (EKU) requirements and validation of Personal Identity Verification (PIV) authentication certificates for smart card logon are addressed. This document is written for enterprise information technology professionals who are planning or implementing PIV-II smart card logon in accordance with the HSPD-12 directive. It is assumed that the audience for this document has basic knowledge of Public Key Infrastructure and Smart Card concepts.

Get it @

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • Boo! Change this tag to FUN STUFF Keith!! Some of us love HSPD-12 and smart cards :)

  • LOL.  You caught that.

  • Has anybody successfully deployed this yet?!?  Can anybody recommend a better document than the one Microsoft published?