|
Posted by Brian Komar [MVP] on November 1, 2006, 5:26 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Bob@discussions.microsoft.com says...
> I have an Ent. Root CA that has a Cert. Template that I want autoenrolled for
> specific users in AD. The CA works fine with manually requesting the
> certificate but I cannot seem to get the users autoenrolled. The certificate
> was created and the group added in the security tab of the certificate and
> read, write, enroll and autoenroll are checked. But the users still do not
> get the cert unless they pull it down through the web. I have run out of
> ideas. Any help would be appreciated.
>
> Thanks
>
> bob - new york
>
Did you in addition to configuring the certificate template enable
Autoenrollment Settings with all available options enabled in a GPO
linked either to the domain or to an OU containing the user accounts you
wish to receive the certificate.
In addition, why are you assigning Write permissions. Really really bad
idea.
Brian
| 
XML site map