Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
399
Views
0
Helpful
1
Replies

User Certificate for Dot1x deployment not showing up in Personal Store.

joeharb
Level 5
Level 5

‎01-27-2020 07:33 AM

We have setup a POC for deployment of Machine and User certs to facilitate our Dot1x deployment.  All machines that have been put in POC Gpo have received the distinct machine certificate as expected.  All but 2 of the users (10 total) have received the certificate in the Personal store, the 2 have the certificate in their AD objects store.  One of the 2 users machine had to be replaced days after the GPO was put in place so I am not sure they received the cert in the proper store, but it has been confirmed that a cert was generated for their account and it is present on their current machine but not in the Personal Store.  The second user is not currently in the office to see if they have logged into another computer during the deployment process.  I have found multiple posts that setting "Don't re-enroll if duplicates exist" could be the issue, but not certain.  I have also found the others have gotten around this by using Credential Roaming.  I am reaching out to see if any others have ran into this issue or if there are best practices that could resolve the issue.

 

Thanks,

 

Joe

0 Helpful
1 Reply 1

Jason Kunst
Cisco Employee
Cisco Employee

‎01-27-2020 11:21 AM

I'd also recommend reaching out to Microsoft forum as this is not an ISE issue
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents