3.1.2 Client Mode: Enrollment Based on Certificate Templates

This client extends the specification in section 3.1.1 and performs certificate enrollment in an enterprise environment where the enterprise has specified enrollment policies by using certificate templates [MS-CRTD] and other Active Directory objects (see section 2.2.2.11) and where the client enforces those policies. This mode of use of the Windows Client Certificate Enrollment Protocol is invoked by some client processes, such as the autoenrollment task [MS-CERSOD], for each enrollment request.