TM
TM 17.12.2020 05:11 (GMT+2) I’m moving!

Very late, but thanks so much for your archive here. It has been a complete lifesaver.

I don't what went through some drone's head at MSFT - I'm sure it wasn't the blog maintainers! as you've said, hardly anyone knew - but their decision to delete or hide a lot of very good content that has been linked to from untold places over the web (including from their own Technet forums) has been frustrating in the extreme. I have wasted literal days trying to locate references I used to rely on regularly. Not even so much as a simple redirect - it's not like the technology to make it relatively seamless doesn't exist. The search engine on the new site is useless as well, just to add insult to injury.

For general product information and updates, MSFT's new consolidated "product" blogs with tons of very irrelevant (marketing) information about products I've never heard of means that I miss out on actual important updates to products that are core to operating AD successfully. Such as PKI. And LDAP. Again, incomprehensible decision from Microsoft.

Cutting short the rant, your archive here has been invaluable, and no wonder you have been offered new opportunities - obviously well deserved. Good luck on all your future endeavours.

Vadims Podāns
Vadims Podāns 16.12.2020 18:14 (GMT+2) Certificate Autoenrollment in Windows Server 2016 (part 2)

You need to investigate it first why they don't renew. Go through the check list:

  1. template is properly configured for autoenrollment (subject, permissions)
  2. there are CAs that serve these templates
  3. GPO is applied to clients
  4. Watch event logs, autoenrollment will report issues to Application log.
Allferry
Allferry 16.12.2020 17:16 (GMT+2) Certificate Autoenrollment in Windows Server 2016 (part 2)

Hi Vadims

We have a server (CA) that does our certitificates to computers, but for some reason the certitificate didn't auto-renew.

Is there a way we can renew the cert on the server and computers could get this new cert, when they request?

 

Many thanks

Allferry

Cody
Cody 01.12.2020 16:09 (GMT+2) Certificate Autoenrollment in Windows Server 2016 (part 3)

Vadims,

Sorry about the typo on your name, I was looking at a post above. My mistake.

Cody
Cody 01.12.2020 16:05 (GMT+2) Certificate Autoenrollment in Windows Server 2016 (part 3)

Hi Vadmin,

Thank you for this guide. I seem to be having an issue with Auto Enrollment. I am attempting to deploy a computer certificate under auto enrollment. I pretty much had what you described already from the certificate perspective, however I was unable to figure out how to configure the GPO. I followed your guide for this however when I launch the certlm for my local computer certificates and attempt to Automatically Entroll and Retreive certificates the template I created does not appear. There is nothing for me to select. What might I be doing wrong?