Up until recently whenever someone on the network went to a site that required an SSL certificate it would say that there is a securuty risk confirm exception blah blah blah, I managed to fix that but only after confirming the first time. Lets use gmail.com as an example, every single time I went to the site the security warning popped up, now it pops the first time and then never again even after restarting, wonderful just what I wanted. Now here is my problem, I have to do this to about 300 computers, is there a way aside from going to each one individually to get all these certs out there?
There was no plan before, was a simple mistake of an asynchronus clock with kerberos, we synched the clock with the server and problem solved, for one machine that is, now to apply to a bunch. Thank you for the idea of login scripts.
Then you have to plan ahead for the next time. Remember that by default, Windows doesn't do this. Think of the million bad things that would happen if Windows allowed you to push a change like this from your admin PC. Oh wait, that's more than a million isn't it?
Get your IT team and CIO in a huddle to migrate to your choice of a managed solution.