• RSS
  • Twitter
  • FaceBook

Directory Services Store (dsstore)

  • Section(s): Miscellaneous
  • Published on Apr 20, 2004.
  • Last Modified on Apr 20, 2004.
  • Last Modified by Wayne Maples.
  • Rated 1 out of 5 based on 1 votes.
Directory Service Store (dsstore) is part of the Windows 2000 Server Resource Kit, a Security Tools component. One normally uses the MMC Active Directory Users and Computers snap-in and the Certificate Services snap-in to manage most aspects of enterprise root CAs. Like most admin activities, the GUI-based tools are OK for a small shop or onesy/twosy type changes but is not adequate for large enterprises because one can not script mass changes.

dsstore will let you list, add, and delete Enterprise Root CAs; maintain certificate revocation lists (CRLs) in AD; and add Win2K CAs or offline CAs to the enterprise PKI stored in your Active Directory. W2K will automatically enroll a user and computer when an operation starts that requires a certificate. You can proactively enroll users using dsstore. You can do problem solving to check the status of DCs certificates and verify the validity of smart cards.

Related Tips:

Troubleshooting Windows 2000 PKI Deployment and Smart Card Logon
The Dsstore Tool May Not Work If the NetBIOS Name and the DNS Domain Name Are Different
How to Install a Windows 2000 Certificate Services Offline Root Certificate Authority
Windows 2000 Certificate Services

About Wayne Maples


Article not looking right or info is missing? Let us know so that we can fix it: .


Receive all the latest articles by email!

Receive Real-Time & Monthly WindowsNetworking.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowsNetworking.com member!

Discuss your network issues with thousands of other network administrators. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?