Open the CA
Right-click on “certificate template.”
Copy the default “Computer” template.
Copy the default “User” template.
Note: The newly created templates are not automatically published. To publish the template, follow these steps.
Create a group policy allowing users and computers to obtain certificates automatically.
Open the group policy editor. Create and edit the new policy.
Enable “computer” Auto-enrollment
Enable “user” Auto-enrollment
Log in with a domain user on a domain PC
A certificate was issued to the PC
A certificate was also issued to the user
A basic public key infrastructure (PKI) is in place and working as designed.