# Active Directory {% hint style="warning" %} SCEPman Enterprise Edition only Applicable to version 3.0 and above {% endhint %} SCEPman can be configured to handle SOAP requests coming from Windows client to allow for an easy deployment option for Active Directory joined clients that can only be configured using group policies. By creating a service principal in your on-premises AD-environment, we can allow SCEPman to accept SOAP requests of a domain-joined Windows client requesting a certificate. With Kerberos being used as authentication protocol the identity of the requester can be ensured and SCEPman will respond with a valid certificate. All supported versions of Windows supports this enrollment method natively and no additional software is required on these computers. {% content-ref url="/pages/ePTTQ0eRxIkwmTBwPTu2" %} [General Configuration](/certificate-management/active-directory/general-configuration.md) {% endcontent-ref %} {% content-ref url="/pages/iiZzMs0u0rdCY8R6d5ox" %} [Group Policy](/certificate-management/active-directory/group-policy.md) {% endcontent-ref %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.scepman.com/certificate-management/active-directory.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.