Hi there, I can't seem to get the Certificate Authority web auto-enrollment feature to work with Longhorn. After installing the CA Web Enrollment role service, the CertSrv and CertEnroll folders are added to IIS 7, however there are no pages that are served up when the client connects via http://<IP of CA>/certsrv/, or http://<IPof CA>/certenroll/. A comparison with Windows 2003 EE shows that there are no default pages, such as default.asp which exists within the webroot folder. I did also add auto-enrollment to the public key default domain policy, so it seems like it should work but doesn't. The client receives a "Server Error" HTTP Error 403 - Forbidden - Access is denied message when connecting. If anyone can point me in the right direction, I greatly appreciate it. THanks, Corey

Hi Corey- I'd recommend trying the Security focused TechNet forum for help from those who are more focused on these security features. In the meantime, I did speak to one of my colleagues on the PKI team and this is what he recommended: We had an issue with installing CA and web enrollment together (in the same wizard run). Ask him to try installing the CA first and after it completes install the Web Enrollment. Give that a shot and let us know if it does the trick. Cheers, Ian

Corey, Looks like you are confusing two different things. Auto Enrollment and Web Enrollment are completely separate components. There is no Auto Enrollment using Web pages. Auto Enrollment relates only to enterprise domain scenarios while web enrollment is used to manually enroll for certificates over the web. What exactly are you trying to achieve? Avi Ben-Menahem Lead Program Manager, Windows Security, Microsoft