Hey TLG and AD CS fans,
My long-time colleague Kurt Hudson has just published the Test Lab Guide Mini-Module: Cross-Forest Certificate Enrollment using Certificate Enrollment Web Services.
This detailed article describes how to obtain certificates in one AD DS domain (corp.contoso.com) for use in a different and untrusted AD DS domain (litwareinc.com). This article also describes how to configure Certificate Enrollment Web Services and Group Policy to automatically renew the certificates between the domains.
This is a great example of TLG content that steps you through a complex configuration and demonstration of functionality, including the new key-based renewal feature of Windows Server 2012, that would be somewhat difficult to determine how to do in your own custom test lab.
Hats off to Kurt!
Enjoy in peace this holiday season.
Joe DaviesPrincipal Writer