I have a 2003 enterprise CA (64 bit) with a single domain controller on a separate 2003 server.Logging onto the CA server with Enterprise Admin rights and launching certtmpl mmc snapin. Right click on the certificate template and select manage. Right click on the "Computer" templateand changed the name to "Server Authentication", only a couple of changes, then on the security tab I set Authenticated users to read and Enroll for the permissions.Exited that page.My understanding is that at this point that new template should be visible in the result pane when the Certificate Templates is selected. But it is not.I ultimately want this template to be available on the CertSrv site but I can't even get past the first step.The process is fairly straight forward so either I am doing something really basic wrong or something is not setup correctly. Any ideas??

One other thing: When your custom template is opened, on the General tab, did you check the box Publish certificate in Active Directory ?? If you do not see that checkbox, then you are not running Enterprise Edition...you would be running Standard Edition.Also, please explain what your steps were again. In your initial step-by-step instruction, you're speaking in somewhat "generalized" terms. Please be more specific about each step you took. I think that would make things clearer for everyone reading.Not being critical...just trying to help.

This doesn't make sense. You cannot edit the "Computer" template. It is a v1 template that does not allow any changes.I'm going to guess that you made a duplicate of the "Computer" template and changed the settings as you described above. After you save the new template: "Server Authentication" You must publish it. In the CA snap-in, right click on the "Certificate Templates" folder and click on "New template to issue" [or something like that]. Then select your template: "Server Authentication" At the very least you should be able to see your template when you enroll through certmgr. Andrew

Yes, the "Server Authentication" was duplicated from the Computer template (version 5.1 ) and the created template "Server Authentication" is version 101.8, version 2 as I understand things. From the result panel you right click, select new and then "Certificate Template to Issue" and all the templates that have read and enroll permissions should show up, but they don't. So until I can get my new template to be shown in the "Enable Certificates Templates" select box I am stuck.

Try the following:- When you clickon "Certificate Template to issue" you see a list of templates. Remember the name of one of them.- Cancel the dialog- Then duplicate the template that you remembered the name of. - Now, click back on "Certificate template to issue" and see if the new template that you have created is in that list?Is it?Also, is the "Computer" template issued by this CA or not? If it is not currently issued by the CA then do you see it in the list of templates from the "Certificate template to issue" dialog?Andrew

I duplicated the Exchange user. Checked the eventlog, nothing. The copy did NOT show in the "Certificate Template to Issue" list.Waited a while, maybe 5 minutes, still nothing.Scott

On the second question. I believe that the "Computer" template was issued by the CA, and it does show up in the "Certificate Templates" result pane. When you look at it from the "Certificate Templates" view it has a version of 5.1. In fact all the visible templates have a single digit version, template version 1. Don't know if that is significant.Scott

Hi, Please check the Edition of the operating system, certificates that are based on Version 2 templates can only be issued by a certification authority that is running Windows Server 2003, Enterprise Edition, or Windows Server 2003, Datacenter Edition. If you are using Windows Server 2003 Standard Edition, the version 2 templates will not show in the "Certificate Template to Issue" list. For more information: Version 2 certificate templates http://technet.microsoft.com/en-us/library/cc779783.aspx

When I saw your reply I was about to dismiss it, but then I went back the server where the CA is running and sure enough it is a 2003 R2 standard not an enterprise. Thanks, for your response. I need to get that server reinstalled with the correct version.Scott