Unfortunately, your referenced article is archived by Microsoft and there are literally zero chances it will be ever updated.
Content Feedback: Certificate Enrollment Web Service Guidance
This article
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831822(v=ws.11)
In the section titled "To configure the Certificate Enrollment Web Service computer account for constrained delegation"
Step 7 specifies "type the name of the computer that is hosting the Certificate Enrollment Web Service", where it should say "type the name of the computer that is hosting the Certificate Authority"
(Note that this statement is also used in step 2, but is correct when used here).
2 answers
Sort by: Most helpful
-
-
Daisy Zhou 29,651 Reputation points Microsoft Vendor
Nov 15, 2022, 4:06 AM Hello EdmondsonJoel-8260,
Thank you for posting in our Q&A forum.
After reading the article you provided carefully, I can see:
You need to perform the following procedure only if you selected Use the built-in application pool identity when you specified the service account for the Certificate Enrollment Web Service.
To configure the Certificate Enrollment Web Service computer account for constrained delegation
It depends on how you configure the step "5. Ensure that Use Kerberos only is selected (if the authentication type was set to Windows integrated authentication during installation) or Use any authentication protocol (if the authentication type was set to Client certificate authentication during installation), and then click Add." within "To configure the Certificate Enrollment Web Service user account for constrained delegation".
If you selected Use the built-in application pool identity when you specified the service account for the Certificate Enrollment Web Service.
I think step "7. In the Select Users or Computers dialog box, type the name of the computer that is hosting the Certificate Enrollment Web Service. Click Check Names, and then click OK." within "To configure the Certificate Enrollment Web Service computer account for constrained delegation"
Should be correct.Hope the information above is helpful.
Best Regards,
Daisy Zhou============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.