In my organization, we place all service & testing accounts into an OU called "Non-People Accounts". I was asked by a manager if it would be possible to prevent accounts contained in this OU from requesting certificates from the Enterprise
CA. I'm assuming this is something you can do easily with group policy, but I'm not sure how.
↧