How to auto publish user certificate to GAL (Exchange 2016)


I have set up a PKI infrastructure for my users, and all is working fine: the CA, auto-enrollment, certificates published in AD and roaming mode enabled. Everyone can log on to any PC, automatically retrieve his certificate and use it to sign his emails.

BUT there is one problem: the certificates, although published in AD (Published Certificates tab), are not automatically added to the GAL. One still needs to go to Outlook -> Publish to GAL in order to receive encrypted emails.

There is little information on the internet, and when it's mentioned, everybody is assuming: published in AD = auto GAL publishing. But that's not the case, at least in my environment. Any idea?

Problem solved without any action, not sure what happened...
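When chasing a "published in AD but not in the GAL" symptom like the one above, the first thing to establish is what Active Directory actually holds for each user: whether `userCertificate` (where auto-enrollment publishes) contains a current certificate with the Secure Email EKU, and whether `userSMIMECertificate` (the attribute Outlook's Publish to GAL button writes) is populated at all. The script below is an added audit example, not code from the original post; it assumes the RSAT ActiveDirectory module, read access to the user objects, and the hypothetical `-SearchBase` OU DN shown at the bottom.

```powershell
# Added example (not from the original post): audit the S/MIME certificates
# Active Directory holds for each mail-enabled user, so a missing GAL entry can
# be traced to the AD attributes before suspecting Exchange or OAB timing.
# Assumes the RSAT ActiveDirectory module and read access to user objects.
Import-Module ActiveDirectory

$smimeEku = '1.3.6.1.5.5.7.3.4'   # id-kp-emailProtection (Secure Email)

function Get-SmimeCertificateAudit {
    # Hypothetical parameter: the OU to audit; defaults to the whole domain.
    param([string]$SearchBase = (Get-ADDomain).DistinguishedName)

    $users = Get-ADUser -Filter 'mail -like "*"' -SearchBase $SearchBase `
        -Properties mail, userCertificate, userSMIMECertificate

    foreach ($u in $users) {
        $valid = 0; $expired = 0; $nonSmime = 0
        foreach ($raw in $u.userCertificate) {
            try {
                $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 `
                    -ArgumentList (,$raw)
            } catch { continue }   # skip blobs that are not a DER certificate

            # A certificate without any EKU extension is unconstrained; one with
            # an EKU list must include Secure Email to be usable for S/MIME.
            $ekuExt = $cert.Extensions |
                Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
            $hasSmime = -not $ekuExt -or
                ($ekuExt.EnhancedKeyUsages | Where-Object Value -eq $smimeEku)

            if (-not $hasSmime)                      { $nonSmime++ }
            elseif ($cert.NotAfter -lt (Get-Date))   { $expired++ }
            else                                     { $valid++ }
        }

        [pscustomobject]@{
            User            = $u.SamAccountName
            Mail            = $u.mail
            ValidSmimeCerts = $valid
            ExpiredCerts    = $expired
            NonSmimeCerts   = $nonSmime
            # userSMIMECertificate is what Outlook's "Publish to GAL" populates
            PublishedToGal  = [bool]$u.userSMIMECertificate
        }
    }
}

# Users who hold a usable S/MIME certificate in AD but have never published it.
Get-SmimeCertificateAudit -SearchBase 'OU=Users,DC=example,DC=com' |
    Where-Object { $_.ValidSmimeCerts -gt 0 -and -not $_.PublishedToGal } |
    Format-Table -AutoSize
```

Users reported with `ValidSmimeCerts` greater than zero and `PublishedToGal` false are the ones whose auto-enrolled certificate exists in AD but has not been written to the attribute Outlook publishes; an empty report means the gap is on the Exchange or address-book side rather than in AD.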

