I am in the process of implementing 802.1x for both wired, and wireless clients. In the Microsoft guides that I have read, it states that Server Enterprise or Datacenter is required for Version 2 templates, duplicating/modifying templates, autoenrollment, role separation enforcement, and key archival/retrieval. Which I wouldn't question except, I have a lab setup with a DC/CA/NPS server configured as an Enterprise Certificate Authority on Server 08 R2 Standard. In this lab environment I was able to duplicate the RAS/IAS cert for the NPS server and autoenroll. And duplicate and autoenroll the computer cert. My first question is, Why is Server 08 Enterprise or Datacenter required for autoenrollment? Are there any drawbacks to using Server 08 R2 Standard? Client Limitation or Security?
My Second question is, What is the recommended validity and renewal period for the RAS/IAS cert and the computer cert?