I am trying to do a host checker policy to check for a valid machine certificate from our AD CA at the role mapping level. This works fine for domain computers, which are auto-enrolling via Group Policy. However, for non-domain computers, the host checker policy is failing with "Machine certificate was not found".
For the non-domain computers, I am submitting a cert request to our CA. Then I import the certificate to the Personal certificate store for the Local Computer. I also tried importing the AD CA certificate into Trusted Root Certification Authorities in the Local Computer store.
Could someone point me in the right direction?
Thanks.
Discovered the issue was in the certificate creation. The machine didn't have the private key, which is why the Host Checker policy was not succeeding.
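One way to check for the condition described in the solution, as an added example that is not part of the original thread: it lists the certificates in the Local Computer Personal store and reports whether each has its private key and chains to a trusted root. `$IssuerPattern` is a placeholder assumption; set it to match your AD CA's name.

```powershell
# Added example: audit the Local Computer "Personal" store for certificates
# that are present but have no private key, or that do not chain to a trusted root.
# Assumption: $IssuerPattern is a placeholder; narrow it to your AD CA's name.
$IssuerPattern = '*'

$results = foreach ($cert in Get-ChildItem -Path 'Cert:\LocalMachine\My') {
    if ($cert.Issuer -notlike $IssuerPattern) { continue }

    # Build the chain in machine context so the Local Computer root store is used.
    $chain = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Chain -ArgumentList $true
    # Non-domain machines often cannot reach the CA's CRL; test trust and dates only.
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    $trusted     = $chain.Build($cert)
    $chainErrors = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '

    [pscustomobject]@{
        Subject       = $cert.Subject
        Thumbprint    = $cert.Thumbprint
        NotAfter      = $cert.NotAfter
        HasPrivateKey = $cert.HasPrivateKey
        ChainTrusted  = $trusted
        ChainErrors   = $chainErrors
        KeyAndChainOk = ($cert.HasPrivateKey -and $trusted)
    }
}

$results | Format-List

# Call out the specific failure from this thread: certificate installed without its key.
$noKey = @($results | Where-Object { -not $_.HasPrivateKey })
if ($noKey.Count -gt 0) {
    Write-Warning ("{0} certificate(s) in LocalMachine\My have no private key: {1}" -f
        $noKey.Count, (($noKey | ForEach-Object { $_.Thumbprint }) -join ', '))
}
```

A certificate that shows `HasPrivateKey : False` is in the store but cannot be used to prove the machine's identity, which matches the failure described above.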