A Domain Controller is a server computer hosting Active Directory Domain Services that is responsible for allowing host access to domain resources. The Domain Controller authenticates users, stores user account information, and enforces security policy for a domain.

For WSTEP enrollment, a Domain Controller requires the following objects:

  • A certificate enrollment service for each Certificate Authority (CA) that will issue certificates to enrollment clients. Each enrollment service will connect to a single CEG Service instance.
  • For cross-forest deployments, a crossRef object for each cross-forest domain you must support.