Entrust provides an InstallEnrollmentService.ps1 PowerShell script that allows you to create, edit, and remove enrollment services in Active Directory. When editing an enrollment service in Active Directory, you can:

• Update the enrollment URLs assigned to the enrollment service.
• Update security groups (access groups) assigned to the enrollment service.

To run the script, you must use a Windows user account with Domain Admin and Enterprise Admin permissions.

• Updating the enrollment URLs for an enrollment service using a PowerShell script
• Updating the security groups for an enrollment service using a PowerShell script