Ping a Specific Port

Question

StanTastic

Asked: 2020-09-05 02:25:52 +0800 CST2020-09-05 02:25:52 +0800 CST 2020-09-05 02:25:52 +0800 CST

Active Directory Certificate Services: what triggers autoenrollment?

772

In my AD environment, I deployed a template that provides RDP certificates for servers. It's set on autoenroll.

The problem is, most of the servers work as I would expect: the got the certificate and it's enough for them. However, few servers get a new certificate every 12 hours. I read the article https://social.technet.microsoft.com/wiki/contents/articles/38085.certificate-autoenrollment.aspx and I understand what is happening, but I don't get WHY this is happening - what triggers the server to request a new cert even though one already exists?

I don't want to publish the certs in AD, especially since only a few servers are showing this anomaly - others are fine. All the certificates generated this way are still valid, and the private key exists.

1 Answers

Voted

StanTastic · Answer 1 · 2020-09-05T02:32:52+08:00

Best Answer

StanTastic

2020-09-05T02:32:52+08:002020-09-05T02:32:52+08:00

OK, now I found the answer: https://support.microsoft.com/en-us/help/2531138/remote-desktop-server-certificates-are-renewed-two-times-a-day-despite. It's a bug in Windows 2008/R2.

0

Active Directory Certificate Services: what triggers autoenrollment?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?