In this tutorial, I will explain how to set up an enterprise CA that is linked to an Active Directory, unlike the stand-alone CA.
This type of CA allows you to automate certificate generation with direct submission to the CA. Automatically issue computer and user certificates to, for example, secure VPN access with Windows NPS.
The server where the role will be installed must be a member of the domain. Ideally you have to dedicate a server to this role.