We are looking at a new cloud based phone system. Most use Poly or Yealink phones, we use 802.1x on the network for ethernet access. Poly phones support SCEP to deploy and renewal certs, we’ve started to build a new NDES server to test the Poly phones. Below are links I’ve referenced getting this setup.
“the account managing the enrollments will need those permissions on the cert templates.”
To fix this message we had to change the registry value to match the template we wanted to use.