locked
Auto-enrollment problem RRS feed

  • Question

  • Hello,

    I have a very strange problem with auto-enrollment.

    The thing is that auto-enrollment is working in a AD Site where CA Issuing server is installed. In other sites auto-enrollment is not working, but when you request cert using MMC or over CA Web everything works fine. 

    We have 3-Tier PKI Implemented.

    Just to add, on our firewalls everything is opened. Literally ANY ANY is allowed.

    • Moved by Awinish Friday, June 15, 2012 10:46 AM Moved to Security forum (From:Directory Services)
    Friday, June 15, 2012 10:16 AM

Answers

  • I found out what was the problem. GPO were not applied.

    One thing I found out is that if you dont have Recovery Agent in Default Domain Policy it doesn't work. 

    You can not create GPO with Recovery Agent.

    Interseting...

    • Marked as answer by Kent-Huang Tuesday, July 3, 2012 8:45 AM
    Monday, June 25, 2012 1:38 PM

All replies