TPM-CSP Autoenrollment failing with 0x8010002e SCARD_E_NO_READERS_AVAILABLE

We’re attempting to enroll for certificates using a TPM chip on a laptop – it fails when autoenrollment is involved but works when done manually via the MMC.   According to http://msdn.microsoft.com/en-us/library/bb905527.aspx on the Smart Card Resource Manager service: “By default, the service is configured for manual mode. Smart card reader driver authors must configure the…


ADCS has become site-aware in Windows Server 2012

One of the largely unheralded big new features of Active Directory Certificate Services is that it can now be configured to be site-aware! This is accomplished by following the detailed steps that are described on the ADCS Wiki link below. The short version is however as follows: set the CA to detect which AD site it is in by running the following…