Hello,
I have an Exchange 2010 with ActiveSync enabled for mobile devices, and I want to secure it with certificate-based authentication.
This Exchange is typically configured with one domain (DOMAIN1); an ADCS is also configured for this domain, and I can issue certificates for my domain users (DOMAIN1) without problems.
Now the "problem" is that we have many other users connected to another domain (DOMAIN2), and we don't have an ADCS for this second domain.
Currently these users use "linked mailbox" and not the default "user mailbox" mode in order to connect to our Exchange server (there is a trust relationship between the AD domains).
I think it's also important to point out that our domains are not in the same forest.
When I want to create a certificate for a DOMAIN2 user, I cannot select this domain in the certificate option (the ADCS is on DOMAIN1).
Maybe it's possible to link a second ADCS (DOMAIN2) to our current ADCS (DOMAIN1)? I have no idea what the best solution is in this case.
Because I'm not an expert in ADCS, I hope you can help me find a solution, or just help me understand why it's not possible to issue a certificate for a user from a different domain.
Thanks in advance for your help.
Have a nice day.
Clement