My status

My backup memory

Thứ Tư, 27 tháng 7, 2011

Run Best Practice Analyzer for CA shows warning "User AutoEnrollment is not enable" although you already did it

Tình huống: Sử dụng BPA trên CA thông báo User autoenrollment is not enable mặc dù đã cấu hình autoenrollment cho cả User và Computer với Group Policy

Giải pháp:

I've had the same problem, and it bugged me for weeks, but I think I found the solution.  Simply go back to the GPO with your policy (I used the default domain policy GPO but you may have done differently), and in User Configuration => Windows Settings => Security Settings => Public Key Policies section select the "Certificate Services Client -Auto Enrollment"  policy and untick "Expiration Notification".
Then at the command prompt or in powershell refresh the policy "gpupdate /force" and when you run the Best Practices Analyzer for the role it should show that "user autoenrollment group policy is not enabled" is now compliant


Không có nhận xét nào:

Đăng nhận xét