Learn how to use Active Directory Group Policy objects to automate certificate renewal.
- View Offline
- [Instructor] Autoenrollment is a great way…to have your computers and your users…renew their own certificates…without requiring them to have any idea how to do it.…While the work is done through group policy,…there are a few things we need to set up…in the certification authority first.…So let's go back in to manage our templates.…And there are four tabs that we need to check.…We're going to make some changes to our user certificates.…So we're going to double-click on User.…From this General tab, you need to verify…that Publish certificate in Active Directory is selected.…
The next thing you need to do is go to Request Handling.…If your screen looks anything like this,…then you cannot configure this template for autorenewal.…So once again, benefits of making your own custom templates.…I'm going to cancel out of here,…and I'm going to duplicate the User template.…I'm going to make a user template…specifically for the users of our domain.…On the General tab, I will give the template a name,…Landon Cafe Users.…
Note: The topics covered here map to the Configure Identity and Access Solutions domain for Microsoft Certified Solutions Associate (MCSA) Exam 70-412, Configuring Advanced Windows Server 2012 Services. Use these tutorials to study for the exam.
- Implementing Active Directory Federation Services (AD FS)
- Configuring AD FS authentication policies
- Configuring multifactor authentication
- Installing and configuring Active Directory Certificate Services (AD CS)
- Creating certificate templates
- Configuring certificate authority backup and recovery
- Managing certificates, including templates and renewal
- Installing and configuring Active Directory Rights Management Services (AD RMS)