Windows 2000 requires that any CA that issues smart card logon or domain controller certificates must publish its CA certificate into the NTAuth store in Active Directory. Windows 2000 CAs automatically publish their CA certificates in Active Directory. Q295663 describes a method to import the certificates that are issued by third-party certification authorities (CAs) into the Windows 2000 NTAuth store.
- Requirements for Domain Controller Certificates from a Third-Party CA
- Guidelines for Enabling Smart Card Logon with Third-Party Certification Authorities
- Troubleshooting Windows 2000 PKI Deployment and Smart Card Logon