We have a two tier PKI (2012 R2) set up in our domain. I have duplicated the Workstation Authentication template and customized it for our needs. This template has been issued and it is working fine.
However, when any client machine is reimaged, it requests another certificate once it is back on the domain. In my template, I have specified it to store the issued certificate in Active Directory, and I have the option "Do not automatically reenroll..." selected. I figured this would be enough to stop the duplication, but it is still going on.
Help!!