To Configure certification authority, you need to follow below steps:
- Create a domain user account to use as the NDES service account. You will specify this account when you configure templates on the issuing CA before you install and configure NDES.
- Create a new custom template or copy an existing template and then edit an existing template (like the User template), for use with NDES.
- Specify a friendly Template display name for the template “IntuneTemplate”
- On the Subject Name tab, select Supply in the request. (Security is enforced by the Intune policy module for NDES).
- On the Extensions tab, ensure the Description of Application Policies includes Client Authentication.
- On the Security tab, add the NDES service account, and give it Read and Enroll permissions to the template.
- Click Apply and OK
- Select the Certificate Templates node, click Action-> New > Certificate Template to Issue
- Select the template you created in
- Validate that the template published by viewing it under the Certificate Templates folder.