First published on TECHNET on Sep 28, 2011
Ingolfur has written a blog post as well as a TechNet Wiki article describing how a Windows Server 2008 R2 certification authority (CA) parses certificates, especially those from a third-party (3rd party) non-Microsoft CA. He also covers the Key Distribution Center (KDC) enhanced key usage (EKU) object identifiers (OIDs) and in the blog post KDC event ID 29.
TechNet Wiki article: Updated requirements for a Windows Server 2008 R2 domain controller certificate from a 3rd party CA
Blog post: Smartcard logon using certificates from a 3rd party on a Domain Controller and KDC Event ID 29
Updated Feb 21, 2020
Version 3.0NoMoePwds
Microsoft
Joined April 05, 2019
Core Infrastructure and Security Blog
Follow this blog board to get notified when there's new activity