How to configure what certificates can be issued using Web Enrollment in Windows Server 2008 R2 Enterprise?

windows-server-2008-r2 certificate-authority ad-certificate-services

I have a CA installed on of my Windows Servers in a small farm of systems. I've installed the Certification Authority Web Enrollment and Certificate Enrollment Web Service roles on the CA.

I want to issue a Computer certificate to a computer not jointed to my domain. The user attempting web enrollment has domain credentials.

The user was able to navigate to https://myServerHostname/certsrv and request a User certificate successfully.

However, the user needs a Computer cert as well. From the certsrv site, the user tried the following:

  • Advanced Certificate Request
  • Create and Submit a Request to this CA

However, the Computer certificate template is not available under the Certificate Template heading. He is only seeing "User" and "Basic EFS".

How do I configure the CA to allow him to request a Computer cert for his system?


Solution 1:

"Customizing the Certificate Services Web Enrollment Pages"
http://msdn.microsoft.com/en-us/library/aa381929(v=vs.85).aspx

Following these instructions, I was able to configure what certificates are available via Web Enrollment.

Related

IIS 7: Disable authentication for certain client IPs
apache spawning too many processes despite maxclient and other constraints
Optimizing MySQL for small VPS
File ACL mask calculation: why?
Amazon EC2 Instance Type Upgrade
phpldapadmin installation
psexec Couldn't access \\IP/computername The system cannot find the path specified
Tunnel with least overhead
using wget through .pac config based proxy server
Tools for Optimizing Posgresql Performance [closed]
Connecting tomcat6 to apache2
Problems setting up a VPN: can connect but can't ping anyone