The Centrify agent uses the Microsoft Windows certificate auto-enrollment feature to make certificates available to UNIX computers. If auto-enrollment is enabled, when a UNIX computer joins a domain, the Centrify agent requests certificates from the CA based on particular templates, and installs them on the joined computer.
To enable auto-enrollment, you must do the following:
- Enable auto-enrollment for the group policy.
- Create a certificate template with auto-enrollment enabled.