Hello,
I hope this is the right forum for posting this message.
I just finished deployin in my organization an AD CS (Active Directory Certificate Services) in order to create S/MIME certificate for all users to allow them to Sign and Encrypt emails.
I'm using Windows 2008 Enterprise Edition, and Exchange 2007.
All users have Outlook 2007 on their workstations.
I duplicate the User Certificate Template and configured Autoenrollment for users and the appropriate GPO as well - and users are getting their certificate correctly.
I do have other questions:
1. User template includes more than just digitally sign and encrypt emails (EFS for example), are there any other template that I can duplicate that does only signing and encryption of emails?
2. after each user got his new certificate, I still need to go the outlook of each user in order to configure in under the Option -> Trust Center and mark "Digitally sign" and "Encrypt" all outgoing emails. is there a way to do it by Script or GPO (ADM)?
3. Under the outlook trust center settings, there is an options to "Publish To Gal", although I'm performing Autoenrollment, and each user got his certificate in the Active Directory, I still can't send a new encrypted email to someone before he is sending me a digitally signed email and I'm replying to it. is there another way to do it? or perform the "Publish to gal" by a script?
Best Regards,
Ploni.