Auto enrollment Domain Certificate not working (error 13)
- From: Cristian <Cristian@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 3 Mar 2009 10:53:01 -0800
Hi we have problem with getting the domain controller to get Certs.
The error in the log is Error 13
If we manually try to get a cert from a dc(Certificate Enrollment,Domain
Controller) we get the result "The RPC server is unavailable" (and error 13
is logged in the event log)
(like many other) And we found a(many) tip to run:
certutil -setreg SetupStatus -SETUP_DCOM_SECURITY_UPDATED_FLAG
net stop certsvc
net start certsvc
It reports that the old value was 6003 and so on. And the new value is 4003.
Restart certsvc and when it started and we run the command above it says
that it's old value is 6003 again (If we don't restart the service it says
that its 4003)
The Group exists in the domain and the domain controllers are added. But if
we look in the Component manager the Certsvc_dcom_access group doesn't exist
under "Com Security"- "Access Permission" or "Launch and Activation
Permission". I have tried to add it myself but with no difference. (I removed
it again because it didn't work.And the article I found kb 927066 specified
that it would be there when we ran the above command.)
Now we think we have tried all the solutions in the world with no different
results..
Thanks for the help..// Cristian
Ps. The system is CertSvc=Windows 2008 Std (DC and Exchange server) This one
actually have a Domain Cert issued also.
then we have 1 windows 2008 std as DC and 1 Windows 2003 std as DC Both
without a Certificate
.
- Prev by Date: RE: 2008 replication
- Next by Date: Domain controller trying to communicate with itself via outside ip address
- Previous by thread: 2008 replication
- Next by thread: Domain controller trying to communicate with itself via outside ip address
- Index(es):
Relevant Pages
|
