Hi All, We have enable credential roaming in our AD environment and is has been working great for a few months until now...I now see my certificate server issuing user certs for users who have already been issued the cert...it seems as tho credential roaming is no longer working... i have verified that the GPO is still active and enable and that the schema still does contain the msPKI attributes...does anybody have any ideas as to why this is occuring? Thanks!

Hello, which OS version are you talking about? Are you aware of the update so it worls like in Windows Vista: http://support.microsoft.com/default.aspx?scid=kb;en-us;907247&sd=tech Alos see: http://technet.microsoft.com/en-us/library/cc700848.aspx If this doesn't heolp please use the security forum instead this one: http://social.technet.microsoft.com/Forums/en/winserversecurity/threadsBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Hi, The following article might be helpful to trouble the issue. Configuring and Troubleshooting Certificate Services Client–Credential Roaming http://technet.microsoft.com/en-us/library/dd277392.aspx BrentPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

OK, i think i found a possible reason....Is Credential Roaming supported on a Windows XP SP2 x64 machine? I know it was only introduced with XP SP3 however there is no SP3 for x64 machines...is this a possible reason?

Issue has been resolved. Problem was a downlevel GPO that contained "User Loopback Processing" which is fine but it specified the parameter of "Replace" rather then "Merge" Setting this to "Merge" resolved our issue...