Create an automatic certificate request for computers in a Group Policy object

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To create an automatic certificate request for computers in a Group Policy object

Open the Group Policy object (GPO) that you want to edit.
In the console tree, click Automatic Certificate Request Settings.

Where?
- Policy Object Name/Computer Configuration/Windows Settings/Security Settings/Public Key Policies
- Automatic Certificate Request Settings
On the Action menu, point to New, and then click Automatic Certificate Request.

This starts the Automatic Certificate Request Setup Wizard. Follow the steps in the wizard to create an automatic certificate request for computers that have this GPO applied to them.

Notes

To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.
To open a GPO, see Group Policy (pre-GPMC).
This procedure does not apply to Local Policy objects.
To use the Automatic Certificate Request Setup Wizard, you must know the certificate template that you want to use. A certificate based on the selected template will be requested automatically at the first occurrence of any of the following: a user logs on, Group Policy is refreshed, or a computer joins the domain and is subject to a Group Policy setting.
The Automatic Certificate Request Setup Wizard asks which certification authority (CA) it should query when the wizard runs on Windows 2000. The wizard will not prompt you when it runs on Windows XP or the Windows Server 2003 family.
There can only be one certificate request for each certificate type per GPO.

Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.