Enabling autoenrollment for users
Configure the PKIaaS WSTEP Group Policy Object to enable autoenrollment for users.
To enable autoenrollment for users
In the navigation tree of the new PKIaaS WSTEP Group Policy Object, e xpand User Configuration > Policies > Windows Settings > Security Settings > Public Key Policies.
In the content pane, right-click Certificate Services Client Auto Enrollment and select Properties to display the Certificate Services Client Auto-Enrollment Properties dialog box.
Select Enabled in the Configuration Model drop-down list.
Check the following boxes:
Renew expired certificates, update pending certificates, and remove revoked certificates
Update certificates that use certificate templates.
Optionally, change the percentage under Log expiry events and show expiry notifications when the percentage of remaining certificate lifetime is.
Click OK.