Your network contains two Active Directory forests named contoso.com and fabrikam.com.
A two- way forest trust exists between the forests.
The contoso.com forest contains an enterprise certification authority (CA) named CAl.
You implement cross-forest certificate enrollment between the contoso.com forest and the fabrikam.com forest.
On CA1, you create a new certificate template named Template1.
You need to ensure that users in the fabrikam.com forest can request certificates that are based on Template1.
Which tool should you use?
A.
Sync-ADObject
B.
Pkiview.msc
C.
CertificateS
D.
Certutil
E.
PKISync.ps1
Explanation:
A:
Replicates a single object between any twodomain controllers that have partitions in common.
B:
Monitoring and troubleshooting the health of all certification authorities (CAs) in a public key infrastructure
(PKI) are essential administrative tasks facilitated by the Enterprise PKI snap-in.
D:
use Certutil.exe to dump and display certification authority (CA) configuration information, configure
Certificate Services, backup and restore CA components, and verify certificates, key pairs,and certificate
chains.
E:
PKISync.ps1 copies objects in the source forest to the target forest
http://technet.microsoft.com/en-us/library/hh852296.aspx
http://technet.microsoft.com/en-us/library/cc732261(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/ff955845(v=ws.10).aspx