We have a certificate authority / server in our domain. If we install new machines and join them to the domain, they automatically receive the root certificate in their Trusted Root Certification Authorities store. However, our PC group often uses a Windows 7 image when deploying new machines, but machines created from this image don't seem to get this certificate when they join the domain.
What could be different to prevent these machines from receiving the certificate?
One of our PC Technicians discovered that it was the McAfee Virus Scan software that was blocking the certificate from downloading. The Virus Scan software is built into all of our images.
The only workaround we currently have is to disable the Virus Scan, join the domain, then re-enable the Virus Scan.