Hello Ted Rybicki,
Thank you for posting in our Q&A forum.
Based on the description, I understand you want to make the domain computers authenticate / re-authenticate to domain like they normally do when their certificate expires and/or after their certificate expires, am I right?
If I understand it correct, you can try:
1.Make the domain computers disconnected from domain.
2.Why do not we renew all the certificates before the certificates expires.
3.Or why do not we request all the certificates after the certificates expires.
4.We can change other authenticate methods (such as user name and password)
Hope the information above is helpful.
If you have any question or concern, please feel free to let us know.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.