certificates

Note-to-self: useful links when you need to add 3rd party certs to the NTAuth store

For Win2003:

How to import third-party certification authority (CA) certificates into the Enterprise NTAuth store
http://support.microsoft.com/kb/295663/en

For Win 2008, Windows Server 2012:

Add Published Certificates to Active Directory Containers
http://technet.microsoft.com/en-us/library/cc731612.aspx

“If a CA certificate is not added automatically when the new CA is created, such as a stand-alone CA created by a user who is not a member of the Enterprise Admins group, the CA certificate can still be added manually to the NTAuthCertificates container.

This process can also be used to add the CA certificate of a non-Microsoft CA that has been used to issue smart card logon or domain controller certificates. By publishing these CA certificates to the Enterprise NTAuth store, the administrator indicates that the CA is trusted to issue certificates of these types.

Using Enterprise PKI: http://technet.microsoft.com/en-us/library/cc754963.aspx

Install the Enterprise PKI Console: http://technet.microsoft.com/en-us/library/cc771085.aspx