Certificate not visible for NDES enrolment

Federico Staiano 116 Reputation points
2021-10-19T10:56:00.633+00:00

Hello All,

I am configuring a PKI with NDES service, I got to the point when I configured all the accounts and role and I need to require a certificate from the NDES server, when I click on "create a new request", I have no template even if I Create the Intune template and publish it, I gave the permissions to the Service Account etc.

I am just getting an empty list as show below:

141782-image.png

where instead I should be seeing the certificate I have duplicated as in the guide here https://thewindowsupdate.com/2019/05/06/support-tip-how-to-configure-ndes-for-scep-certificate-deployments-in-intune/

Any help would be really appreciated I can only think is a permissions problem? I am sure I gave all the request permissions but I do not know at this point.

Thanks

Regards

Federico

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,446 questions
0 comments No comments
{count} votes

Accepted answer
  1. Crystal-MSFT 51,046 Reputation points Microsoft Vendor
    2021-10-20T01:26:38.493+00:00

    @Federico Staiano . Thanks for posting in our Q&A.

    From the picture you provided, I notice we are manually request a certificate from a computer and the step is on Certificate enrollment policy. We can select "Active Directory Enrollment Policy" and click next to see if the certificate template is there. If not, we can click "Show all templates" to see if we can see our certificate template and what is the error for this template.
    141945-image.png

    Meanwhile, to request local computer certificate, please follow Nick's suggestion to grant the computer account with read and enroll permission on the certificate template.

    Hope the information can help. If there's any update, feel free to let us know.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


1 additional answer

Sort by: Most helpful
  1. Nick Hogarth 3,436 Reputation points
    2021-10-19T22:25:29.127+00:00

    Have you given the computer account that you are running certificate manager on permission to read and enroll the certificate?

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.