mgordon-spi
asked on
Computer's not auto-enrolling after first enrollment
We currently have Active Directory Certificate Services (via Group Policy) serving out Machine/Computer Certificates to provide authentication for our Wireless Network. After the initial setup all the computers have had no issue receiving the certificate via Auto enrollment but it seems if we rebuild a client (ala Ghost/Reimage) they no longer get a machine certificate nor is it possible to enrol manually using Certificate Management in MMC (the option for machine/computer certificate does not appear in the list).
I have checked the settings in Group Policy and we have enabled the updating of existing templates & auto re-enrollment.
I have checked permissions with ADSIedit for the PKI infrastructure with no issues apparent.
Clients are a mostly Windows 7, Vista SP1 with a few still on XP SP2
Cert Server is 2008 R2 running ADCS (also running NPS for RADIUS auth for the Wireless Network) and have 1 2008 R2 DC, 1 2008 DC and 1 2003 PDC in a Windows 2003 Domain/Forest Functional level
Any ideas or diagnostics I should try?
I have checked the settings in Group Policy and we have enabled the updating of existing templates & auto re-enrollment.
I have checked permissions with ADSIedit for the PKI infrastructure with no issues apparent.
Clients are a mostly Windows 7, Vista SP1 with a few still on XP SP2
Cert Server is 2008 R2 running ADCS (also running NPS for RADIUS auth for the Wireless Network) and have 1 2008 R2 DC, 1 2008 DC and 1 2003 PDC in a Windows 2003 Domain/Forest Functional level
Any ideas or diagnostics I should try?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER