|Subject:||how to distribute/trust a certificate throughout the whole domain|
|Posted by:||Doug P (Dou…@discussions.microsoft.com)|
|Date:||Mon, 1 Jun 2009|
Running Server 2003 SP2 and XP Pro SP3
I have installed the certificate authority on my domain controller.
I have generated a code signing certificate.
I have used this certificate to sign a Word .dot file in order to trust the
macros within it.
When users open the .dot file, they get a security prompt regarding macros.
Some users can click the 'Always trust macros from this publisher' and then
they can enable the macros. For other users this option is greyed out. This
doesn't appear to be a permissions thing because I was able to choose always
trust on one computer with a non-admin user and I can not choose always trust
on another computer even with an admin user.
If possible, I would like to use group policy or something to enable this
certificate or CA to be trusted by every computer in the domain but I haven't
been able to find how to do this.