I have Windows Server 2102 R2 and our AD team created a certificate template and assigned the permissions of enroll and read to a group my server is included it. However my machine is not listing the template as an option.
When I run certutil -Template It shows the permissions on the template properly, my machine and group are listed with enroll and read.
However, when I run certutil -ADTemplate the template shows as access denied. I am running this command from the machine with the assigned permissions.
Anybody have any ideas on what could be stopping my machine from using the template or other commands I can try to get a specific error?
To enroll the certificate I opened the MMC and added the certificate plugin. I then chose computer(local). I went to all tasks and request new certificate. In the wizard I chose active directory enrollment policy and the template was not one of the options so I checked show all and it shows the template I was trying for then however showing not available.
