diff options
| author | David Mulder <dmulder@suse.com> | 2021-07-12 15:18:04 -0600 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2021-07-15 20:03:45 +0000 |
| commit | f813f8a54ae79dd74a99593aeacb252061688807 (patch) | |
| tree | 03ca7e90aa29382126ad80d22d054e54dd383b10 /WHATSNEW.txt | |
| parent | fd6df5356b7aa180d538a734799b640c1430eb47 (diff) | |
| download | samba-f813f8a54ae79dd74a99593aeacb252061688807.tar.gz | |
Update WHATSNEW for Certificate Auto Enrollment
Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 15 20:03:45 UTC 2021 on sn-devel-184
Diffstat (limited to 'WHATSNEW.txt')
| -rw-r--r-- | WHATSNEW.txt | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index f3db6341e06..fe9eff8ba59 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -16,6 +16,19 @@ UPGRADING NEW FEATURES/CHANGES ==================== +Certificate Auto Enrollment +--------------------------- + +Certificate Auto Enrollment allows devices to enroll for certificates from +Active Directory Certificate Services. It is enabled by Group Policy. +To enable Certificate Auto Enrollment, Samba's group policy will need to be +enabled by setting the smb.conf option `apply group policies` to Yes. Samba +Certificate Auto Enrollment depends on certmonger, the cepces certmonger +plugin, and sscep. Samba uses sscep to download the CA root chain, then uses +certmonger paired with cepces to monitor the host certificate templates. +Certificates are installed in /var/lib/samba/certs and private keys are +installed in /var/lib/samba/private/certs. + REMOVED FEATURES ================ |