Re: AutoEnrollment DCs
- From: "Paul Bergson [MVP-DS]" <pbergson@xxxxxxxxxxxxxxxxx>
- Date: Mon, 3 Dec 2007 07:57:16 -0600
If domain controllers need access to this interface to request certificates
from the certification authority, you must add the Domain Controllers
security group. You must do this because domain controllers are not part of
the Domain Computers security group.
See
http://support.microsoft.com/default.aspx?scid=kb;en-us;903220
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
"Leezy" <leezy@xxxxxxxx> wrote in message
news:OkJzDMYNIHA.5224@xxxxxxxxxxxxxxxxxxxxxxx
I am getting these 2 errors here on my server.
PDC has no problem with this, only 2nd DC has this error...
anyidea how to get rid of it ?
Thanks
leezy
Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 13
Date: 12/2/2007
Time: 11:23:00 PM
User: N/A
Computer: KNB-DC-02
Description:
Automatic certificate enrollment for local system failed to enroll for one
Domain Controller certificate (0x80070005). Access is denied.
Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 16
Date: 12/3/2007
Time: 7:22:59 AM
User: N/A
Computer: KNB-DC-02
Description:
Automatic certificate enrollment for local system failed to renew one
Domain Controller certificate (0x80070005). Access is denied.
.
- Follow-Ups:
- Re: AutoEnrollment DCs
- From: Leezy
- Re: AutoEnrollment DCs
- References:
- AutoEnrollment DCs
- From: Leezy
- AutoEnrollment DCs
- Prev by Date: Re: Replication errors: GUIDs are incorrect!
- Next by Date: Re: User security settings lost
- Previous by thread: AutoEnrollment DCs
- Next by thread: Re: AutoEnrollment DCs
- Index(es):
Relevant Pages
|
