Using Group Policies, you can import Certificates of Root Authorities or other Trusted Certificates. It’s also possible to use auto enrollment to deploy Certificates to Users, if an internal enterprise CA is used to handle the requests. But you cannot deploy one single standalone Certificate with private key to many users.
This can only be done using a script, ran using GPO’s or in an existing login script – if there’s still one in place.
Use this command to import a PKCS#12 file (*.pfx or *.p12) into user’s Personal Certificate store.
certutil -importpfx -f -user -p "test" test.p12 NoRoot
Put your private key’s passwort after Parameter “-p”; in my example, the password was “test” and the PKCS#12 file is called test.p12.