I have an enterprise certificate authority installed on a domain (DOM1). This domain has a trusted domain (DOM2).
I have configured CEP/CES so that from the trusted domain I can request certificates from the certificate authority of the main domain.
I have generated a computer certificate so that it can be installed on the computers in the trusted domain (Dom2).
The permissions of this certificate that I have configured are:
Dom2\domains computer -> read, enroll
The problem is that when I request the certificate from a domain 2 computer, the computer does not see this certificate.
However, it does see the user level certificates that are configured.
The user level certificate has the permission:
Dom2\domain user -> read, enroll.
Why doesn't it see the "computer" level certificate?
*Note: It does see the "computer" certificate issued by default by the CA (which has the permission authenticated users -> read, enroll). I understand that authenticated users will apply to all the users/equipment of the domain and the trusted domain, and I only want it for the trusted domain.