after first installing the server 2008 enterprise root CA, all clients automaticly got the CAs cert it their Trusted root Certs store.
i see new PCs are not getting this.
here i see that this work by default with GPO (is this the same with server 2008 CA ?)
http://technet.microsoft.com/en-us/library/cc776874(WS.10).aspx
is this automaticly created in the "default domain policy"?
and if i dont find it there (maybe deleted by mistake) can it be recreated by the following?
http://technet.microsoft.com/en-us/library/cc758128(v=ws.10).aspx