On each AD server:
Start/Run
Type in "mmc" and hit return
File/Add-Remove Snap In/Certficates/Add/Computer Account
![Screenshot from 2017-09-29 07-28-19.png Screenshot from 2017-09-29 07-28-19.png](https://community.meraki.com/t5/image/serverpage/image-id/429i30472EC186D5F37B/image-size/large?v=v2&px=999)
Next/Finish/OK
Expand Certificates/Personal/Certificates
![Screenshot from 2017-09-29 07-29-43.png Screenshot from 2017-09-29 07-29-43.png](https://community.meraki.com/t5/image/serverpage/image-id/430i14597324C97C9FFE/image-size/large?v=v2&px=999)
Right click on "Certificates", All Tasks, Request New Certificate, Next
If you have deployed a CA you should be able to choose "Active Directory Enrolment Policy".
![Screenshot from 2017-09-29 07-31-20.png Screenshot from 2017-09-29 07-31-20.png](https://community.meraki.com/t5/image/serverpage/image-id/431iBF82071468FD759A/image-size/large?v=v2&px=999)
Click Next. Select all the options available.
![Screenshot from 2017-09-29 07-32-55.png Screenshot from 2017-09-29 07-32-55.png](https://community.meraki.com/t5/image/serverpage/image-id/432iE2A6378441F0A1D4/image-size/large?v=v2&px=999)
Click Enroll and you are about done.