Client Certificate for Distribution Points:

Log on to Certification Authority, right click Certificates Templates and choose Manage. 


Right click on Workstation Authentication and select Duplicate Template. 



Choose windows Server 2003 Enterprise



Give a relevant name to the certificate template


Open Request Handling Tab and select Allow




Click Security Tab, choose Enterprise Admins group REMOVE Enroll permission and make sure only Read and Write permission are given.



Click Add, choose SCCM Site Servers group. Make sure Read and Enroll permission are given. Apply and OK.



Return to Certification Authority, right click Certificate Templates/New/Certificate Template to Issue


Select the certificate template you just created. 




 Requesting the Distribution Points Certificate:

Log on to Site Server and request the Distribution Points Certificate. To do that follow the procedures below.

Start/Run/ type mmc

Click File/Add-Remove Snap-In

Choose Certificates and click Add

Choose Computer Account

Choose Local Computer/Finish

Hit OK


 Expand personal Certificate store and right click on Certificates/All Tasks/Request New Certificate



Click Next



Check Distribution Point Certificate, hit Details and then Properties. Normally friendly name would be empty for the certificate, but I want to add a friendly name to distinguish the certificates. I will just type ClientCertForDPs as friendly name.

Now click the Enroll button. After certificate is installed, click the Finish button.




Right click the Distribution Points Certificate/all Tasks/Export




Choose Export Format as below.



To keep the exported certificate safe, specify a password.



Enter the path where you are going to keep this certificate and click Next and Finish. The path should be a shared folder and SCCM server should have right to access this shared folder or just keep this certificate on SCCM Server itself.



 We created all certificates that we need. Now we need to do some additional configurations. That is what Part4 covers.


Hylafax Installation on Debian

Easy to start HylaFAX is a free linux-based fax server. It is used by many companies worldwide. In this article, we are going to install and configure HylaFAX.


Creating Multiple Users on Active Directory

Docs / SupportIf you are working in an organization which receives a lot new users on several periods of the year, then you should handle creation of domain users  with the help of Powershell. 


How To Change Default Computer OU

Native RTL SupportWhen you join a computer to the domain, Computer Object is created and placed in Default Computer Container which is not an organizational unit and we all know that, GPOs can be only applied to Organizational Units. 


JSN Epic template designed by