Log in to the CEP server using CEPAdmin user name, and then launch PowerShell in administrative mode.
Run the command Import-Module ServerManager.
Run the command Add-WindowsFeature Adcs-Enroll-Web-Pol.
Run the command Install-AdcsEnrollmentPolicyWebService -AuthenticationType UserName -SSLCertThumbprint “sslCertThumbPrint”.
Note: Replace <sslCertThumbPrint> with the thumbprint of the SSL certificate created for the CEP server, after deleting the spaces between the thumbprint values.
Complete the installation by selecting either Y or A.
Launch the IIS Manager Console.
In the Connections pane, expand the web server that is hosting CEP.
Expand Sites, expand Default Web Site, and then click the appropriate installation virtual application name: ADPolicyProvider_CEP_UsernamePassword.
In the virtual application called Home , double-click the application settings, and then double click FriendlyName.
Type a name under Value and close the dialog.
Double‑click URI, and then copy Value.
Notes:
- If you want to configure another authentication method on the same CEP server, then you must change the ID.
- This URL is used in MVE or any client application.
From the left pane, click Application Pools.
Select WSEnrollmentPolicyServer, and then from the right pane, click Actions > Advanced Settings.
Select the identity field under Process Model.
In the Application Pool Identity dialog box, select the custom account, and then type CEPSvc.
Close all dialog boxes, and then recycle IIS from the right pane of the IIS Manager Console.
From PowerShell, type iisreset to restart IIS.