This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi,
I'd like to know if I can configure a user certificate to "follow" the user instead of re-enroll on every machine.
Or is it possible to re-enroll with the key pair?
Thanks in advance,
Shlomit.
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.
Hello Shlomit S,
Thank you for posting in Microsoft Community forum.
You can configure user certificate auto-enrollment via GPO, this can enroll user certificates for AD users.
Or you can enroll a user certificate manually, then set logon script for this user to install this certificate when he/she logs on any machine.
I hope the information above is helpful.
If you have any question or concern, please feel free to let us know.
Best Regards,
Daisy Zhou