does absolutely NOTHING!
@Bojan, sorry, I'm not offering consulting services on my site. I suggest to ask your question on appropriate public forum (for example Windows Server Security Q&A).
Hi Vadim,
Can you help me out with cross-forest certificate enrollment (forests without a trust) with emphasis on auto-enrollment using Certificate Enrollment Policy Web Service/Certificate Enrollment Web Service? If full auto-enrollment (without any manual work) is not doable then we have to persuade InfoSec team to allow us two-way forest trust with selective authentication (in that case services above won't be needed obviously).
If you have time and patience I will send you technical details of what we want to accomplish. Complete guide on this is hard to find so any help from you would be highly appreciated. As we all know PKI is complex enough itself and this should be advanced PKI.
Thank you in advance.
Get-ADGroup $groupname | Get-ADGroupMember -Recursive
Man... this is a perfect reference!
Thank you for your hard work.