question

BijuThankappan-2567 avatar image
0 Votes"
BijuThankappan-2567 asked LimitlessTechnology-2700 answered

Deploy pfx to users personal cert store for some users

Hi,

I'm looking for a way to deploy pfx file to users personal store when they login next time

I have already gone through this link: https://social.technet.microsoft.com/Forums/ie/en-US/d9c8eb61-5c15-4b81-9b9b-a20477462903/install-pfx-cert-in-user-personal-store-via-gpo?forum=winserverGP

However, owing to security issues, how do I encrypt the password so its not visible to end users? Also needed the powershell version of the script.

Also will the auto enrollment option mentioned in the above link work in this case?

TIA

windows-serverwindows-server-powershellwindows-active-directorywindows-group-policy
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

LimitlessTechnology-2700 avatar image
0 Votes"
LimitlessTechnology-2700 answered

Hello @BijuThankappan-2567,

Thank you for your question.

Please follow these steps, it will help you:

Deploy a profile
In the Configuration Manager console, go to the Assets and Compliance workspace. Expand Compliance Settings, expand Company Resource Access, and then choose the appropriate profile node. For example, Wi-Fi Profiles.

In the list of profiles, select the profile that you want to deploy. Then in the Home tab of the ribbon, in the Deployment group, select Deploy.

In the deploy profile window, specify the following information:

Collection: Select the collection where you want to deploy the profile.

Generate an alert: Enable this option to configure an alert. The site generates this alert if the profile compliance is less than the specified percentage by the specified date and time. You can also select whether you want an alert to be sent to System Center Operations Manager.

Random delay (hours): For certificate profiles that contain Simple Certificate Enrollment Protocol (SCEP) settings, specify a delay window to avoid excessive processing on the Network Device Enrollment Service (NDES). The default value is 64 hours.

Specify the compliance evaluation schedule for this...profile: Specify how often the client evaluates compliance for this profile. Select a Simple schedule or configure a Custom schedule. By default, the simple schedule is every 12 hours.

Select OK to close the window and create the deployment.


For more information please go through this link:
https://docs.microsoft.com/en-us/mem/configmgr/protect/deploy-use/deploy-wifi-vpn-email-cert-profiles

If the reply was helpful, please don't forget to upvote or accept as answer.

Thanks,

Bharti B

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.