Solved

How to enroll a machine certicate from AD via script

Posted on 2016-08-25
6
25 Views
Last Modified: 2016-09-07
I´m trying to find a way to enroll a machine certificate from a template already published by the Active Directory Enrollment Policy via script because for some reason the GPO configured for that is not having the behaviour expected.

Manually via MMC, I can request and successfully enroll the certificate within the Computer Account. The template is there correctly published etc. but the GPO is not working and I´m reaching my deadline to get it sorted.

So my idea was to deploy a script via SHELL or POWERSHELL but I couldn´t find any way. Bear in mind that my workstation park is Windows 7, so the Get-Certificate command is not an option.

Any idea is welcome. Thanks
0
Comment
Question by:Giuliano Foletto
  • 3
  • 2
6 Comments
 
LVL 39

Expert Comment

by:footech
ID: 41770831
I'm not aware of a way to request the certificate with PS (but I haven't researched it), but if I were you I would fix or try to find out why the deployment via GPO isn't working, as that's the way I would do it.
0
 

Author Comment

by:Giuliano Foletto
ID: 41771510
Yeah, I´m working on that in parallel. Thanks!
0
 
LVL 39

Expert Comment

by:footech
ID: 41771993
You may want to start a new question on that topic to try to get it resolved.  If you post the link to it here, I will try to follow up.
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 
LVL 19

Assisted Solution

by:Peter Hutchison
Peter Hutchison earned 500 total points
ID: 41772856
You can use the Certreq.exe command with the -Enroll option from the command prompt.
0
 

Accepted Solution

by:
Giuliano Foletto earned 0 total points
ID: 41782013
Well, the Certreq command did help but I´ve learned it doesn´t have a "silent" option and that´s by design. So no automatic deployment via script.

Anyway, I´m working on the GPO resolution that in the end is the "correct", and probably the only, way to deploy automatically a certificate over the network.
0
 

Author Closing Comment

by:Giuliano Foletto
ID: 41787483
In the end I was asking for a workaround that doesn´t exist
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
A brief introduction to what I consider to be the best editor for PowerShell.
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question