I'm trying to configure LDAPS by creating a local CA. I tried to populate the field in GPO "enrollment policy server URI"
Computer Configuration > Policies > Windows Settings Security Settings > Public Key Policies > Certificate Services Client - Certificate Enrollment Policy [edit] Configuration Model: Enabled > Add > Enter enrollment policy server URI: ?
I tried the DNS name and CA name https://cw-fs.inter.contoso.com/ADPolicyProvider_CEP_Kerberos/service.svc/CEP https://cw-ca.inter.contoso.com/ADPolicyProvider_CEP_Kerberos/service.svc/CEP
and error: The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
The CA Role has been installed and configured after following this https://blogs.technet.microsoft.com/russellt/2016/06/03/custom-ldap-certs/ and creating a custom Kerberos Certificate template. I'm stuck on this step Right-Click the "Personal" store and select "Request New Certificate". Click "Next" twice until the screen with available templates appears. Select the check box next to our "Kerberos Authentication (Offline Request)" Template and then click the hyperlink "More Information is required ...." below the name
I cannot find the new template, let alone the URI of the CA server.
URI is NOT in CA > IIS console > Application settings (option doesn't exist)
What is the URI? Where can I find it or is it just "turned off?"
I expected the URI to populate itself once the CA role was installed.