Hi everyone.
I need some help. I have 2 domains (forest/child), and I have installed an offline Root CA outside of any domain and a Subordinate CA in the forest domain.
The child domain contains the users and computers and is located in a VLAN that has no communication with the forest domain controllers. So, the certificates are not deploying. Every server/computer in the forest domain has the certificate.
If I enable communication on the firewall from the child domain user/computer VLAN to the forest domain controllers VLAN, exactly ports 88, 135 and 445, the certificates deploy correctly.
I have sniffed with Wireshark on the computer and I can see requests to the forest domain controllers from the client.
Is there any way to deploy certificates with no communication with the forest domain controllers from the child computers VLAN?