My company has an Enterprise Certification Authority running on a domain controller. The Enterprise CA was installed to deploy computer certificates to be used for authentication with a wireless system. In the Certification Authority snap-in, next to the "computer" certificate template in the POLICY folder, the intended purpose is listed as "client authentication, server authentication." There is a group policy assigned to automatically deploy computer certificates to domain clients. With this configuration in place, are the computer certificates used in any way during the logon process when logging on using control-alt-delete? (I thought that computer certificates could only be used for authentication in conjunction with IPSec, L2TP, SSL, smart card logon or S/MIME, but recently I heard a suggestion that if the computer template is configured and deployed automatically via Group Policy, the computer certificates become integrated with the control-alt-delete logon process and are then required for AD authentication.)
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!