ICertificateEnrollmentServerSetup::InitializeInstallDefaults method (casetup.h)
The InitializeInstallDefaults method initializes the ICertificateEnrollmentServerSetup object with a default configuration.
Syntax
HRESULT InitializeInstallDefaults();
Return value
Return code | Description |
---|---|
|
A user must be an administrator of the domain root or the enterprise. A computer must be joined to the domain.
If the user is not a domain root or enterprise administrator, the ErrorString property is set to: "You must be a member of the Enterprise Admins group to run Setup." If the computer is not joined to the domain, the ErrorString property is set to: "The Certificate Enrollment Web Service or Certificate Enrollment Policy Web Service cannot be installed on a computer that is not a member of a domain." |
|
The ICertificateEnrollmentServerSetup object has already been initialized. The ErrorString property is set to:
"The setup object has already been initialized. This object cannot be initialized more than once." |
Remarks
This method performs the following actions:
-
Determines whether the ICertificateEnrollmentServerSetup object has already been initialized.
Note If this check fails, the method sets the ErrorString property to "The setup object has already been initialized. This object cannot be initialized more than once."
-
Determines whether the user is an administrator of the domain root or the enterprise.
Note If this check fails, the method sets the ErrorString property to "You must be a member of the Enterprise Admins group to run Setup."
-
Determines whether the computer is joined to the domain.
Note If this check fails, the method sets the ErrorString property to "The Certificate Enrollment Web Service or Certificate Enrollment Policy Web Service cannot be installed on a computer that is not a member of a domain."
- Sets the default authentication procedure to Kerberos. You can call SetProperty to change the authentication method.
-
Determines whether CES is installed on a computer running Windows Server 2008 R2.
Note If this check fails, the method sets the ErrorString property to "The Certificate Enrollment Web Service or Certificate Enrollment Policy Web Service must be installed on a member server in an Active Directory forest in which the Windows Server 2008 R2 version of ADPrep /forestprep has been successfully run."
- Sets the default server context to the ApplicationPoolIdentity built-in account.
- Sets the ENUM_CESSETUPPROP_RENEWALONLY property to FALSE.
-
Sets the ENUM_CESSETUPPROP_URL property is to "https://computerDNSname/SanitizedCAShortName_CES_Kerberos/service.svc/ces" if a valid certification authority (CA) configuration exists. If a valid configuration does not exist, the ENUM_CESSETUPPROP_URL property is not set. The SanitizedCAShortName is the sanitized short name of the CA. For more information about sanitized names, see GetConfig.
Note If the certification authority is a standalone CA, the ErrorString property is set to "The Certificate Enrollment Web Service cannot be used with a standalone certification authority (CA). It can only be used with an enterprise CA."
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows 7 [desktop apps only] |
Minimum supported server | Windows Server 2008 R2 [desktop apps only] |
Target Platform | Windows |
Header | casetup.h |
DLL | Certocm.dll |