Inscrit le: 17 Nov 2017
|Posté le: Ven 15 Déc - 13:06 (2017) Sujet du message: Standalone Workstations autoenrolling for Certificates
I am trying to automate the request and installation of certificates in our staging environment. I need each workstation to have a unique computer certificate for authentication. Ideally I would install a standalone CA and have the workstations request and obtain certificates to it via a powershell script. It would appear that I need an enterprise CA (so I also need AD) to enable an enrollment server. There are no user or computer accounts in this domain - it would only be to host an enterprise CA if I need to go down that road.
Some of the gotchas I'm running into the local context. Also, the workstations are not a member of any domain so permissions (anonymous logon with a machine account) are proving difficult.
I have read the articles on using CEP and CES with standalone computers. This works well with the intervention of the mmc console (I can enter a username and password to obtain the certificate after selecting my defined enrollment policy).
How do I translate this to success with certreq / certutil and powershell?
I did not find the right solution from the Internet.
Animated Business Promotional Video