I love using machine certificates for RDP SSL as well. This week I came across an issue where I first thought autoenrollment is freaking out and generates on every reboot or gpupdate /force a new certificate.
After I found tons of articles why autoenrollment is not working at all but nothing about issuing to many certificates. I luckily found an article about the GPO settings for RDP.
http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/382774a9-5b2c-4d54-9abb-03357adccc08
RDP GPO settings http://technet.microsoft.com/en-us/library/cc771869(WS.10).aspx
So it seems that this "known" issue is not yet fixed. Or perhaps it is and I just do not know the KB article number.
Solution in short: Keep "Template Display Name" and "Template Name" with the exact same spelling and no spaces. See below.
No comments:
Post a Comment