Internal certificates for desktop phones

We are looking at a new cloud based phone system. Most use Poly or Yealink phones, we use 802.1x on the network for ethernet access. Poly phones support SCEP to deploy and renewal certs, we’ve started to build a new NDES server to test the Poly phones. Below are links I’ve referenced getting this setup.

https://www.petenetlive.com/KB/Article/0000947

https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-how-to-configure-ndes-for-scep-certificate/ba-p/455125

https://social.technet.microsoft.com/Forums/en-US/fa79c7f6-5ef3-4293-be3a-07b9902d5e8a/issues-configuring-ndes

https://learn.microsoft.com/en-us/mem/intune/protect/certificates-scep-configure

https://support.poly.com/support/s/article/Do-Poly-phones-support-Windows-SCEP-certificate-provisioning

Windows Server 2012 R2 NDES Woes (keyfactor.com)

“the account managing the enrollments will need those permissions on the cert templates.”

To fix this message we had to change the registry value to match the template we wanted to use.

https://www.ucprimer.com/tech-blog/deploying-8021x-eap-tls-with-polycom-vvx-phones-using-scep-simple-certificate-enrollment-protocol

Active Directory Certificate Services (AD CS): Network Device Enrollment Service (NDES) – TechNet Articles – United States (English) – TechNet Wiki (microsoft.com)

Device Certificates on Polycom Phones (FP 37148)

Tags:

September 28, 2022 by microsoft

jayb

Christ follower, husband, father, IT geek, and Xbox gamer

You may also like...

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,216 other subscribers