Confirm That Certificates Are Deployed Correctly
Updated: January 27, 2010
Applies To: Windows 7, Windows Essential Business Server, Windows SBS 2003, Windows SBS 2008, Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2008, Windows Server 2008 R2, Windows Vista
After configuring your certificates and autoenrollment in Group Policy, you can confirm that the policy is being applied as expected, and that the certificates are being properly installed on the workstation computers.
In these procedures, you refresh Group Policy on a client computer, and then confirm that the certificate is deployed correctly.
To complete these procedures, you must be a member of the Domain Administrators group, or otherwise be delegated permissions to modify the GPOs.
In this topic:
On a computer running Windows 7, Windows Vista, Windows Server 2008, or Windows Server 2008 R2, start a command prompt as an administrator, and then type the following command:
On a computer running Windows XP or Windows Server 2003, start a command prompt, and then type the following command:
On a computer running Windows 2000, start a command prompt, and then type the following command:
secedit /refreshpolicy machine_policy
After Group Policy is refreshed, you can see which GPOs are currently applied to the computer.
Click Start, in the Start Search box, type certmgr.msc, and then press ENTER.
In the navigation pane, expand Trusted Root Certification Authorities, and then click Certificates.
The CA that you created appears in the list.