RE: More CAC issues [was- [Fed-Talk] PKINIT and Kerberos
RE: More CAC issues [was- [Fed-Talk] PKINIT and Kerberos
- Subject: RE: More CAC issues [was- [Fed-Talk] PKINIT and Kerberos
- From: "Monahan, Jim (Contractor)" <email@hidden>
- Date: Tue, 15 Nov 2005 14:37:51 -0500
Title: RE: More CAC issues [was- [Fed-Talk] PKINIT and Kerberos
The ability to login to the network using CAC was removed when we upgraded (Windows) users from v2 to v3 of the activecard cleint, so we will have to either install a new version and/or reconfigure the existing Activecard client on each machine for network login/2 part authentication, as well as verify the users know their pins (many here do not),etc....obviously a large undertaking (deployment planning, etc).
1st quarter fiscal '06 ends in 45 days...I've heard nothing about it. Given I will bear the responsibility to perform the above on my users machines, it stands to reason we would have at least been made aware something of this nature was in the wings.
But I have heard local DOIM will be taking over our Exchange 5.5 server and upgrading it to Exchange 2003 in the near future - which means Entourage 04 should be able to connect, and I believe Entourage 04 does support (at least) signed mail.
-----Original Message-----
From: Ide, Douglas Mr USACFSC [mailto:email@hidden]
Sent: Tuesday, November 15, 2005 2:04 PM
To: email@hidden
Subject: RE: More CAC issues [was- [Fed-Talk] PKINIT and Kerberos
It seems that while Macs are indeed officially locked out of joining AD (at least the Northeast AD domain), I've heard there is a pilot underway at PEO, Fort Monmouth, N.J., that includes a couple of hundred Macs hooking into Northeast AD. The pilot is slated to last 120 days, but I can't tell you when it started, or even if it has started.
FWIW,
Doug
Douglas Ide
U.S. Army CFSC Public Affairs
703-681-1548
email@hidden
www.armymwr.com
-----Original Message-----
From: George Polich [mailto:email@hidden]
Sent: Tuesday, November 15, 2005 1:44 PM
To: email@hidden
Subject: More CAC issues [was- [Fed-Talk] PKINIT and Kerberos
Not later than end of 2nd Qtr '06 the Army will fully implement "Two-Factor Network Authentication for User Accounts." Supposedly driven by HS Presidential Directive-12 on common ID standard. In short: CAC and CAC PIN (the two factors) will be required to login to anything Army using "cryptographic capability of MS Active Directory."
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden