Help

Computer cert being auto deleted from keychain

DEllis05
New Contributor

Posted on ‎10-27-2021 05:47 AM

When binding Macs to our domain we will import a computer cert so that the users Mac will be able to connect to our VPN and enterprise connect (can't do so without this cert). I have a user who is having this cert get auto removed from keychain and thus making him unable to connect to internal resources when working remotely. The cert that we import comes from our CA and is verified upon being imported.

My question is, is there a way I can look and see how/why this cert was removed?

0 Kudos
Reply
4 REPLIES 4

LovelessinSEA
Contributor II

Posted on ‎10-27-2021 08:49 AM

What is the scoping you're using for the configuration profile that has the AD certificate payload? I ran into this early on if the machine fell out of scope and the profile was removed, it removed the cert too. 

0 Kudos
Reply

DEllis05
New Contributor
In response to LovelessinSEA

Posted on ‎10-27-2021 09:09 AM

Scope is set to all computers. I even double checked the expiration date and it is set to 3/2025. 

0 Kudos
Reply

szultzie
Contributor II

Posted on ‎05-25-2022 12:16 PM

im seeing the same issue in our environment, @DEllis05 have you had any luck finding the cause, and a solution?

0 Kudos
Reply

Sylvain
New Contributor II
In response to szultzie

Posted on ‎07-09-2024 03:36 PM

We have the same problem in our environment. We also use the AD certificate payload. Sometimes the AD certificate as well as the configuration profile gets deleted. We have observed this problem whether the configuration profile is pushed via MDM features or installed manually. The protocol used by our CA server is RPC. Have you managed to resolve this issue?

Sylvain

0 Kudos
Reply