Question : How do I change server 2003 Computer(Machine) certificate validity to more than one year?

I have an Enterprise CA with an offline root. I am using the PKI for wireless authentication. I have thin clients running XPe and are joined to the domain. However, I have them logged on with a local user account. I am using a computer certificate to authenticate the machine only. The setup is working. The thin client receives a Computer(Machine) certificate. The validity is set for 1 year. When I manage the templates, the options for this template is grayed out. Is there a way to change the properties, or designate another certificate to be issued?

Thanks

Answer : How do I change server 2003 Computer(Machine) certificate validity to more than one year?

check this on the CA:
certutil -getreg ca\ValidityPeriodUnits
certutil -getreg ca\RenewalValidityPeriodUnits

Also, check the validity period defined in the certificate template.

Lastly, if the CA cert has been around for awhile, it may be truncating the issued certs - an issued cert cannot be valid for longer than the validity period of the CA cert. 2 years for an issued cert is actually common from a CA with a validity of 5 years, or 3 years from a 6 year CA cert (the half-life, rounded down)

Random Solutions

ADO connecting to access database - no named arguments

OnChange Event (Apply Button) VB.NET

Visual Basic Search and Replace through large text file

Replace a terminal services server in Windows Server 2003 OS

What is the default Admin password for Access 2003 Workgroups?

Top 10 invoice amounts in Oracle Payables

Export Worksheets with Values and additional Code for Cell Protection

How to zip/unzip with VB.NET?

ISA Server 2004