Which user did you used to Manage Published certificates in ADUC?
Did you have the same issue if you use the built-in administrator or members in the administrators group?
Managing Published certificates in ADU
i'm currently facing an issue, where I'm totally stuck with my research.
In our domain, I've got a bunch of Users where I can not manage the published certificates in ADUC.
What I do is:
Open Properties of a User
Click on "Published Certificates"
Get this infobox:
"You do not have sufficient rights to open the certificate store for changes. Windows will attempt to open the store in read-only mode."
On one hand side, the message is really clear, but on the other side, I just don't know where to change the permissions.
I face this issue, only on persons which have domain admin rights, but nothing change after removing them from the group (even after days not).
I would be thankful for any hint!