I am running Windows 2008, and have an Enterprise CA installed. How can I make all servers auto-enlist to get a certificate for RDP? I don't want to have to do this manually on each machine.
You can do this using a Group Policy Object (assuming you're running an Active Directory).
The settings should be part of the Computer Configuration section of the GPO under "Windows Settings -> Security Settings -> Public Key Policies/Autoenrollment Settings".
Assuming you've created a Certificate Template for this certificate auto-enrollment, you can use other group policy settings to enable the requirement of TLS-RDP connections.
This MSDN article has the names of the specific settings in Windows 2008.
technet.microsoft.com/en-us/library/cc771869(WS.10).aspx
Good luck!
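Once the GPO has reached a server, a check like the following confirms that the RDP listener is actually using the CA-issued certificate rather than the auto-generated self-signed one. This is an added example, not part of the original answer; it assumes it is run locally in an elevated PowerShell session on the RDP host and that the autoenrollment GPO and certificate template already exist.

```powershell
# Added example: verify RDP certificate autoenrollment on the local server.
# Refresh computer policy, then ask the autoenrollment task to run now.
gpupdate /target:computer /force | Out-Null
certutil -pulse | Out-Null

# Autoenrollment policy value written by the GPO. If it is absent, the
# autoenrollment policy has not reached this machine.
$aeKey    = 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\AutoEnrollment'
$aePolicy = (Get-ItemProperty -Path $aeKey -ErrorAction SilentlyContinue).AEPolicy

# RDP-Tcp listener: security layer and thumbprint of the bound certificate.
$listener = Get-WmiObject -Namespace 'root\cimv2\TerminalServices' `
    -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
$thumb = $listener.SSLCertificateSHA1Hash

# Look in the computer Personal store first, then in the "Remote Desktop"
# store, which holds the self-signed certificate Windows generates itself.
$cert = $null; $store = $null
foreach ($s in 'My', 'Remote Desktop') {
    $hit = Get-ChildItem "Cert:\LocalMachine\$s" |
        Where-Object { $_.Thumbprint -eq $thumb } | Select-Object -First 1
    if ($hit) { $cert = $hit; $store = $s; break }
}

# Collect the Enhanced Key Usage OIDs from the bound certificate.
$ekuOids = @()
if ($cert) {
    $ekuType = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    $cert.Extensions | Where-Object { $_ -is $ekuType } |
        ForEach-Object { $_.EnhancedKeyUsages } |
        ForEach-Object { $ekuOids += $_.Value }
}
# Server Authentication, or the Remote Desktop Authentication OID.
$wanted = '1.3.6.1.5.5.7.3.1', '1.3.6.1.4.1.311.54.1.1'

New-Object PSObject -Property @{
    AEPolicy       = $aePolicy
    SecurityLayer  = $listener.SecurityLayer      # 2 = SSL (TLS)
    Thumbprint     = $thumb
    FoundInStore   = $store
    Issuer         = if ($cert) { $cert.Issuer }
    SelfSigned     = if ($cert) { $cert.Subject -eq $cert.Issuer }
    HasSuitableEku = [bool]($ekuOids | Where-Object { $wanted -contains $_ })
    Expires        = if ($cert) { $cert.NotAfter }
} | Select-Object AEPolicy, SecurityLayer, Thumbprint, FoundInStore,
                  Issuer, SelfSigned, HasSuitableEku, Expires
```

A healthy result shows `FoundInStore` as `My`, `SelfSigned` as `False`, and an `Issuer` matching your Enterprise CA; `Remote Desktop` with `SelfSigned` `True` means the listener is still on the default certificate.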