deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-22 13:53:39 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Paolo Matarazzo
2022-11-15 17:14:08 -05:00
parent 4801714795
commit 14104f2d66
1 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md
View File

@ -1,6 +1,6 @@
--- ---
title: Deploy certificates to cloud Kerberos trust and key trust users to enable RDP title: Deploy certificates to cloud Kerberos trust and key trust users to enable RDP
description: Learn how to deploy certificates to a cloud Kerberos trust and key trust user to enable remote desktop with supplied credentials description: Learn how to deploy certificates to a cloud Kerberos trust and key trust user to enable remote desktop with supplied credentials.
ms.prod: windows-client ms.prod: windows-client
author: paolomatarazzo author: paolomatarazzo
ms.author: paoloma ms.author: paoloma
@ -84,13 +84,24 @@ Follow these steps to create a certificate template:
1. Open an elevated command prompt and change to a temporary working directory 1. Open an elevated command prompt and change to a temporary working directory
1. Execute the following command, replacing `<TemplateName>` with the Template name you took note of earlier in step 7c 1. Execute the following command, replacing `<TemplateName>` with the Template name you took note of earlier in step 7c
`certutil -dstemplate <TemplateName> > <TemplateName.txt>`
```cmd
certutil -dstemplate <TemplateName> > <TemplateName.txt>
```
1. Open the text file created by the command above. 1. Open the text file created by the command above.
1. Delete the last line of the output from the file that reads `CertUtil: -dsTemplate command completed successfully.` 1. Delete the last line of the output from the file that reads\
1. Modify the line that reads `pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"` to `pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"` `CertUtil: -dsTemplate command completed successfully.`
1. Save the text file. 1. Modify the line that reads\
`pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"` to\
`pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"`
1. Save the text file
1. Update the certificate template by executing the following command: 1. Update the certificate template by executing the following command:
`certutil -dsaddtemplate \<TemplateName\>.txt`
```cmd
certutil -dsaddtemplate <TemplateName.txt>
```
1. In the Certificate Authority console, right-click **Certificate Templates**, select **New > Certificate Template to Issue** 1. In the Certificate Authority console, right-click **Certificate Templates**, select **New > Certificate Template to Issue**
![Selecting Certificate Template to Issue.](images/rdpcert/certificatetemplatetoissue.png) ![Selecting Certificate Template to Issue.](images/rdpcert/certificatetemplatetoissue.png)