Never mind - I see "Existing OID reuse is not supported" in the Description of the Import- script.
> The OIDs of the certificate templates were different between the two forests - is this expected?
I would say that yes. IX509CertificateTemplateADWritable COM interface re-generates template OIDs.
I tried to export the certificate templates from one forest and import them in another. The OIDs of the certificate templates were different between the two forests - is this expected?
hi got an issue using this it says
PS C:\Windows\system32> Install-AdcsEnrollmentWebService -applicationpoolidentity -CAConfig "<removed ca name>" -AuthenticationType username
Install-AdcsEnrollmentWebService : You cannot set this property because the application pool "WSEnrollmentServer"
already exists. The group or resource is not in the correct state to perform the requested operation. 0x8007139f
(WIN32: 5023 ERROR_INVALID_STATE)
At line:1 char:1
+ Install-AdcsEnrollmentWebService -applicationpoolidentity -CAConfig " ...
+ CategoryInfo : InvalidArgument: (:) [Install-AdcsEnrollmentWebService], EnrollmentServiceSetupException
+ FullyQualifiedErrorId : SetCESProperties,Microsoft.CertificateServices.Deployment.Commands.CES.InstallAdcsEnroll
On Windows Server 2019 you can use built-in Install-AdcsEnrollmentWebService command from AdcsDeployment module.
© 2008 - 2021 - Sysadmins LV. All rights reserved