CLASS User CATEGORY !!CertSvcClient KEYNAME "Software\Policies\Microsoft\Cryptography\AutoEnrollment" POLICY !!CredentialRoaming EXPLAIN !!CredentialRoaming_Explain VALUENAME "DIMSRoaming" VALUEON NUMERIC 1 PART !!CredentialRoaming_Box TEXT END PART PART !!CredentialRoaming_TombstoneValue NUMERIC REQUIRED VALUENAME "DIMSRoamingTombstoneDays" MIN 1 MAX 3650 DEFAULT 60 SPIN 30 END PART PART !!CredentialRoaming_MaxNumTokens NUMERIC REQUIRED VALUENAME "DIMSRoamingMaxNumTokens" MIN 1 MAX 10000 DEFAULT 2000 SPIN 100 END PART PART !!CredentialRoaming_MaxTokenSize NUMERIC REQUIRED VALUENAME "DIMSRoamingMaxTokenSize" MIN 1 MAX 100000 DEFAULT 65535 SPIN 1000 END PART END POLICY END CATEGORY [strings] CertSvcClient="Certificate Services Client" CredentialRoaming_Explain="This policy setting specifies the behavior für User X.509 certificates, requests, and key roaming.\n\n User certificates and keys will be roamed and synchronized between the local User profile on the desktop and the User object in Active Directory when a User logs on interactively.\n\nIf you enable this policy setting, all X.509 certificates, keys, and enrollment requests will be uploaded and synchronized with the User object in Active Directory. You should also enable folder exclusion policies for roaming User profiles to avoid any conflicts in the use of multiple roaming technologies.\n\nIf you disable this policy setting, all future synchronization and roaming will cease, but no keys or certificates will be deleted from the local User profile or Active Directory User object.\n\nIf you do not configure this policy setting, User certificate and key roaming will not be performed.\n\n Note: Folder exclusion policy settings may be configured in the User profiles section of the System administrative template.\n\n" DisableAll="None" CredentialRoaming="X.509 certificate and key roaming" CredentialRoaming_Box="Specific Credential Roaming settings:" CredentialRoaming_TombstoneValue="Maximum tombstone credentials lifetime in days:" CredentialRoaming_MaxNumTokens="Maximum number of roaming credentials per User:" CredentialRoaming_MaxTokenSize="Maximum size (in bytes) of a roaming credential:"