I have a working environment with the Federated Authentication Services. We also have autoenrollment of certificates set in de Default Domain GPO.
Our workstations are now trying to autoenroll the Citrix_RegistrationAuthority_ManualAuthorization certificate. I already removed the Domain Computers from the security tab, and added the FAS servers with enroll and autoenroll checked. The rest I left default.
CREATOR OWNER, SYSTEM and Domain Admins have all boxes checked. Authenticated Users only the read box.
What are the correct security settings for this template to prevent autoenrollment from the workstations?
Question
Jeroen Blosser
Hi all,
I have a working environment with the Federated Authentication Services. We also have autoenrollment of certificates set in de Default Domain GPO.
Our workstations are now trying to autoenroll the Citrix_RegistrationAuthority_ManualAuthorization certificate. I already removed the Domain Computers from the security tab, and added the FAS servers with enroll and autoenroll checked. The rest I left default.
CREATOR OWNER, SYSTEM and Domain Admins have all boxes checked. Authenticated Users only the read box.
What are the correct security settings for this template to prevent autoenrollment from the workstations?
Regards,
Jeroen
Link to comment
4 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now