Solved

How to enroll a machine certicate from AD via script

Posted on 2016-08-25
6
35 Views
Last Modified: 2016-09-07
I´m trying to find a way to enroll a machine certificate from a template already published by the Active Directory Enrollment Policy via script because for some reason the GPO configured for that is not having the behaviour expected.

Manually via MMC, I can request and successfully enroll the certificate within the Computer Account. The template is there correctly published etc. but the GPO is not working and I´m reaching my deadline to get it sorted.

So my idea was to deploy a script via SHELL or POWERSHELL but I couldn´t find any way. Bear in mind that my workstation park is Windows 7, so the Get-Certificate command is not an option.

Any idea is welcome. Thanks
0
Comment
Question by:Giuliano Foletto
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 40

Expert Comment

by:footech
ID: 41770831
I'm not aware of a way to request the certificate with PS (but I haven't researched it), but if I were you I would fix or try to find out why the deployment via GPO isn't working, as that's the way I would do it.
0
 

Author Comment

by:Giuliano Foletto
ID: 41771510
Yeah, I´m working on that in parallel. Thanks!
0
 
LVL 40

Expert Comment

by:footech
ID: 41771993
You may want to start a new question on that topic to try to get it resolved.  If you post the link to it here, I will try to follow up.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 20

Assisted Solution

by:Peter Hutchison
Peter Hutchison earned 500 total points
ID: 41772856
You can use the Certreq.exe command with the -Enroll option from the command prompt.
0
 

Accepted Solution

by:
Giuliano Foletto earned 0 total points
ID: 41782013
Well, the Certreq command did help but I´ve learned it doesn´t have a "silent" option and that´s by design. So no automatic deployment via script.

Anyway, I´m working on the GPO resolution that in the end is the "correct", and probably the only, way to deploy automatically a certificate over the network.
0
 

Author Closing Comment

by:Giuliano Foletto
ID: 41787483
In the end I was asking for a workaround that doesn´t exist
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question