hashir 11.09.2019 17:39 (GMT+3) Certificate Autoenrollment in Windows Server 2016 (part 2)

I am facing an issue in the certificate enrollment from windows 10 client PC's

Usually , when the computer join to domain, the computer automatically gets the certificate from domain.

Now I noticed the certificates are not getting automatically when we join the computer on the domain.

I have manually tried to enroll the certificate using 

MMC > Add Snap in > Certificates (Computer Certificates) > Request new certificate

I can see the Active Directory certificate enrollment option in this with proper GUID and when I click next , i am getting the "the certificate types are not available" message window and none of the templates are listed..

When I logged to the same computer with a domain admin account, the enrollment works fine and computer gets the certificate.

I have checked the permission on the templates > domain computers read and enroll and auto enroll permissions are in place.

Is this due to any kerberos issue as I am logging to the computer with local admin user.

Is there any  known bug / any other permission issue..

Please advise the fixes if any one experienced similar issue .



Vadims Podāns
Vadims Podāns 28.08.2019 22:56 (GMT+3) PS Cmdlet Help Editor v3.3.5.0 Beta

Yeah, sounds like it was burried there. When I get a time, I will upload compiled version.

J.  Provencher
J. Provencher 28.08.2019 21:50 (GMT+3) PS Cmdlet Help Editor v3.3.5.0 Beta

This is no longer available.  I found it on github, but it is only source with no downloadable release.  Is there one available?

Matt B
Matt B 26.08.2019 22:04 (GMT+3) How to merge certificate and private key to a PKCS#12(PFX) file

Absoltuely brilliant, simple instructions. For Windows users certutil is the easiest way to combine two text files (a cer and private key) into a PFX.

Well done sir. Thank you.

Mahdi varzdar
Mahdi varzdar 21.08.2019 08:57 (GMT+3) Moving Online Responder (OCSP) to custom Web URL

Hi I was able to do it and thank you.