RE: Event ID 13 - AutoEnrollment
- From: briandel@xxxxxxxxxxxxxxxxxxxx (Brian Delaney [MSFT])
- Date: Mon, 23 Oct 2006 23:26:11 GMT
Hi,
The CERTSVC_DCOM_ACCESS group if the CA was installed on a DC will be in
the Users container in Active Directory Users and Computers by default. If
the CA was installed on a member server it will be a local group which can
be accessed via the Local Users and Groups snapin. This error typically
occurs when Certificate Services is on a DC because the group only contains
Domain Computer and Domain Users. DCs are in neither of these groups so
the error is thrown. Add the Domain Controllers group to the
CERTSVC_DCOM_ACCESS group. A reboot may be required to quickly resolve
this so a new token is generated.
Hope this helps,
Brian Delaney
Microsoft Canada
--
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
Thread-Topic: Event ID 13 - AutoEnrollment
thread-index: AcbsdaM9aIrB4VlfRtyOe9x+X6TISA==
X-WBNR-Posting-Host: 12.149.191.100
From: =?Utf-8?B?YnV0dGVy?= <butter@xxxxxxxxxxxxxxxxxxxxxxxxx>
Subject: Event ID 13 - AutoEnrollment
Date: Tue, 10 Oct 2006 07:09:02 -0700
I understand that after SP1 was installed a new security group
CERTSVC_DCOM_ACCESS should have been created. I cannot find this group
anywhere. I also do have Certificate Services running.
Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 13
Date: 10/10/2006
Time: 2:54:11 AM
User: N/A
Computer: TULDC01
Description:
Automatic certificate enrollment for local system failed to enroll for one
Domain Controller certificate (0x80070005). Access is denied.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
.
- Prev by Date: RE: Certificate New Template
- Next by Date: RE: Can Windows Server 2003 Standard 32 bit Edition support 64bit CPU?
- Previous by thread: RE: Certificate New Template
- Next by thread: RE: Event ID 13 - AutoEnrollment
- Index(es):
