How to renew a user certificate ?

Hi all,
Once,I received the following eventID : Event ID 9323 Source MSExchangeSA.
I succeded to renew the certificate for the administrator as explained.
Now I get it again but for a single USER whose certificate expired.
How can I the renew the certificate on behalf of a user from the CA ?
Enclosed is an attachement of the current situation.
Step-by-step help would be greatly appreciated.
Regards,
Stéphane
certificateissue.jpg
SvenzarddaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ParanormasticCryptographic EngineerCommented:
Look at the certificate on the Details tab and look for the Certificate Template Information field and select that.  In the white box at the bottom it will name the certificate template issued under and the template's OID (for basic EFS it will be "EFS" otherwise if a duplicated template it will be a very long number).

Open the CA MMC and make sure that the template is still issued to the CA under the Certificate Templates folder.  If not, right-click the Cert Tempaltes folder - new - Certificate tempalte to issue.. and select thetemplate.  Wait for AD replication and it should be available now.

If already there, check the pending requests and just make sure there isn't something sitting there.

Once available (or if it already was) then open up http://CASERVERNAME/certsrv page and select the first option on each page, then select the template from the drop down list and fill out the form for a new cert.

Once installed, have the user open a cmd prompt and run this from any directory:
cipher /u

this will update all EFS encrypted files that the user has access to to use the new EFS cert.

Note:
Make sure you have USMT version 3.0 installed and back up their profile after installing any EFS cert in case they ever need a new profile (and other benefits).
http://technet.microsoft.com/en-us/library/cc766089(WS.10).aspx
USMT3.0 Download:
http://www.microsoft.com/downloads/details.aspx?familyid=799AB28C-691B-4B36-B7AD-6C604BE4C595&displaylang=en
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.