Solved

How to renew a user certificate ?

Posted on 2009-06-29
2
646 Views
Last Modified: 2012-06-27
Hi all,
Once,I received the following eventID : Event ID 9323 Source MSExchangeSA.
I succeded to renew the certificate for the administrator as explained.
Now I get it again but for a single USER whose certificate expired.
How can I the renew the certificate on behalf of a user from the CA ?
Enclosed is an attachement of the current situation.
Step-by-step help would be greatly appreciated.
Regards,
Stéphane
certificateissue.jpg
0
Comment
Question by:Svenzardda
2 Comments
 
LVL 31

Accepted Solution

by:
Paranormastic earned 250 total points
ID: 24737788
Look at the certificate on the Details tab and look for the Certificate Template Information field and select that.  In the white box at the bottom it will name the certificate template issued under and the template's OID (for basic EFS it will be "EFS" otherwise if a duplicated template it will be a very long number).

Open the CA MMC and make sure that the template is still issued to the CA under the Certificate Templates folder.  If not, right-click the Cert Tempaltes folder - new - Certificate tempalte to issue.. and select thetemplate.  Wait for AD replication and it should be available now.

If already there, check the pending requests and just make sure there isn't something sitting there.

Once available (or if it already was) then open up http://CASERVERNAME/certsrv page and select the first option on each page, then select the template from the drop down list and fill out the form for a new cert.

Once installed, have the user open a cmd prompt and run this from any directory:
cipher /u

this will update all EFS encrypted files that the user has access to to use the new EFS cert.

Note:
Make sure you have USMT version 3.0 installed and back up their profile after installing any EFS cert in case they ever need a new profile (and other benefits).
http://technet.microsoft.com/en-us/library/cc766089(WS.10).aspx
USMT3.0 Download:
http://www.microsoft.com/downloads/details.aspx?familyid=799AB28C-691B-4B36-B7AD-6C604BE4C595&displaylang=en
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

822 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question