Information Technology Reference
In-Depth Information
enabling the Windows Deployment Services (WDS) server role
If WDS is not configured on your network, install the WDS server role on a Windows Server
2012 or Windows Server 2012 R2 server. It does not require a fully configured WDS server,
just the WDS service to be running. You can install the WDS role as part of the Network
Unlock feature install or separately by using this:
Install-WindowsFeature WDS-Deployment
Confirm that the WDS service is running with this:
Get-Service WDSServer
Creating the Network Unlock certificate
On the WDS server, follow these steps to create the Network Unlock certificate if working in
an environment with an existing certification authority (CA):
1.
Open Certificate Manager on the WDS server using
certmgr.msc
.
2.
Request a new personal certificate, as shown in Figure 2-31.
FIGURE 2-31
The Certificate Manager console
3.
Click Next and select Active Directory Enrollment Policy; then click Next.
4.
Choose the certificate template created for the Network Unlock on the domain con-
troller and select Enroll.
5.
Add a Subject Name value that clearly identifies the purpose of the certificate, such as
BitLocker Network Unlock Certificate for TreyResearch domain
.
