Automatice Certificate Enrollment Failure
- From: "westernwind" <westernwind@xxxxxxxxxxxxxx>
- Date: Thu, 14 Jul 2005 10:18:04 -0700
This post is intended for the TechNet managed news group monitors to resolve.
I have a Windows 2003 Server that is running as a AD/DC with Exchange 2003,
and IIS6.0. I installed the Certificate Authority services on this server
and issued a certificate. I am using this to enforce the use of SSL for my
Outlook WEB Access users. This is working as expected.
I have a second Windows 2003 Server that is running as a AD/DC and it has
all of the FSMO roles. Both servers are in the same domain. After
installing the CA on the first DC I am now getting the following error in the
event logs for my second DC:
"Automatic certificate enrollment for local system failed to enroll for one
Domain Controller certificate (0x80070005). Access is denied."
I have checked the Group Policy for the Domain Controllers and the
'Autoenrollment Settings Properties' are set to "Enroll certificates
automatically."
I have looked at the Certificate Authority 'Certificate Templates - Manage'
and the "Domain Controller Authentication" is set to 'Allow' for the Windows
2003 Server.
I have seen many posts regarding this issue but I am unable to determine a
solution to this issue. Please let me know your suggested resolution to this
issue.
--
Thanks in advance
westernwind
.
- Follow-Ups:
- RE: Automatice Certificate Enrollment Failure
- From: Ken Zhao [MSFT]
- RE: Automatice Certificate Enrollment Failure
- Prev by Date: RE: losing our Internet Connection
- Next by Date: Re: can see server in browser, but can't connect
- Previous by thread: Re: DFS and "The network name cannot be found"
- Next by thread: RE: Automatice Certificate Enrollment Failure
- Index(es):
Relevant Pages
|
Loading
