Unable to publish\enroll certificate via GPO


  • Hi All,

    I am trying to achieve secure communication of clients SCCM agent to the Management Point This is failing as GPO is unable to enroll client certificates and gives error

    Automatic certificate enrollment for local system failed (0x8007000d) The data is invalid. - activity in xyz domain

    I have a primary domain and another recently acquired domain Both domain have been set up with 2 way trust. if I manually create a certificate from abc domain and install on a client machine in xyz domain the certificate works as well as the secured communication but we are unable to enroll certificates from GPO in xyz domain. Can some one suggest a solution.


    Sharad Pandey

    Wednesday, August 10, 2016 6:43 PM