If a user is resetting the keychain the certificate that was applied from ADCS is of course gone. The configuration profile for the ADCS certificate is still there, but when will it re-apply the certificate again ?
Or must there be made something more fancy that if certificate does not exist ir will remove and add the config profile ?
+13https://support.apple.com/en-us/HT204446
says
profiles -W -p <profileIdentifier value>
however
https://support.apple.com/en-us/HT204836
says
Certificates that automatically renew can't be renewed manually, including in Profiles preferences or using the profiles -W command. Automatic renewal occurs on the same schedule that determines when to show the Update button in Profiles preferences, or when to send the user a notification that the certificate is expiring.
So, no idea, last resort would be to un-scope and re-scope the profile, but that would suck as a workflow...
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
