Solved

Computer Certs for Workgroup Computers

Posted on 2013-12-02
7
1,189 Views
Last Modified: 2014-01-01
I am trying to install computer certs for Workgroup Computers so I can enable secure RDP for PCI compliance.  I have a Windows 2012 Internal CA that is issuing certs for domain computers and I can request Web Server certs through the browser.  What am I missing to get computer certs to Workgroup servers?
0
Comment
Question by:paulymo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 39691646
Nothing, they (workgroup computers/users) have to be manually request and install the certificates issued by the CA.
0
 

Author Comment

by:paulymo
ID: 39692484
How do I manually request it?
0
 
LVL 78

Expert Comment

by:arnold
ID: 39694282
Using a webbrowser navigate to http://CAserver/certsrv there you can choose the type of certificate you need and is based on the templates you approved/configured on the CA.

Once submitted, you will have a certificate to download/install.
If you have configured the CA to place requests in a pending queue, you would need to approve the pending certificate.

certreq can be used to generate a CSR that is then submitted to the CA's certsrv site for signing.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:paulymo
ID: 39699623
Thanks Arnold for your response.  So far I am aware of everything you have suggested but do not see a computer cert available.  Any suggestions on creating a computer cert from a template for workgroup computers?
0
 
LVL 78

Expert Comment

by:arnold
ID: 39700172
Within the CA you can configure the template s available on the CA.
If you as administrator navigate to http://server/certsrv.
To enroll.  Certutil,certreq are command line tools.

http://technet.microsoft.com/en-us/library/cc770794(v=ws.10).aspx

The difficulty is knowingtefunctionlity/attributes that might be needed.
0
 

Accepted Solution

by:
paulymo earned 0 total points
ID: 39742333
I had to install the ADCS Certificate Enrollment Web Service and ADCS Certificate Enrollment Policy Web Service Server roles to make this work.
0
 

Author Closing Comment

by:paulymo
ID: 39749623
No other solutions worked.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question