Solved

How to renew a user certificate ?

Posted on 2009-06-29
2
645 Views
Last Modified: 2012-06-27
Hi all,
Once,I received the following eventID : Event ID 9323 Source MSExchangeSA.
I succeded to renew the certificate for the administrator as explained.
Now I get it again but for a single USER whose certificate expired.
How can I the renew the certificate on behalf of a user from the CA ?
Enclosed is an attachement of the current situation.
Step-by-step help would be greatly appreciated.
Regards,
Stéphane
certificateissue.jpg
0
Comment
Question by:Svenzardda
2 Comments
 
LVL 31

Accepted Solution

by:
Paranormastic earned 250 total points
ID: 24737788
Look at the certificate on the Details tab and look for the Certificate Template Information field and select that.  In the white box at the bottom it will name the certificate template issued under and the template's OID (for basic EFS it will be "EFS" otherwise if a duplicated template it will be a very long number).

Open the CA MMC and make sure that the template is still issued to the CA under the Certificate Templates folder.  If not, right-click the Cert Tempaltes folder - new - Certificate tempalte to issue.. and select thetemplate.  Wait for AD replication and it should be available now.

If already there, check the pending requests and just make sure there isn't something sitting there.

Once available (or if it already was) then open up http://CASERVERNAME/certsrv page and select the first option on each page, then select the template from the drop down list and fill out the form for a new cert.

Once installed, have the user open a cmd prompt and run this from any directory:
cipher /u

this will update all EFS encrypted files that the user has access to to use the new EFS cert.

Note:
Make sure you have USMT version 3.0 installed and back up their profile after installing any EFS cert in case they ever need a new profile (and other benefits).
http://technet.microsoft.com/en-us/library/cc766089(WS.10).aspx
USMT3.0 Download:
http://www.microsoft.com/downloads/details.aspx?familyid=799AB28C-691B-4B36-B7AD-6C604BE4C595&displaylang=en
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now