Results 1 to 6 of 6

Thread: Windows 2003 Server CA Problem and Automatic certificate enrollment

  1. #1
    Join Date
    Aug 2011
    Posts
    2

    Windows 2003 Server CA Problem and Automatic certificate enrollment

    I'm going to provide as much information as possible.

    Win 2003 Server Enterprise SP 2
    Exchange 2003 is installed SP 2
    Print Server for 2 MFP Printers
    4GB Ram
    1TB Raid 5 HDD setup

    The problem is the auto enrollment is not working on the server and the clients are getting the same error. I found the fix for it, and several of the requirements is to check the CA. When I click on the CA in Admin Tools I get an error that the service is not running. I looked in the Service MMC and I did not find the CA services. I also noticed that when I went into the Add remove programs and opened up the components, the check mark is missing for the CA Services. When I go to start the install of the CA services, it chooses the "Enterprise subordinate CA" option.

    My question is how do I proceed with this. Do I install it as subordinate CA or do I choose Enterprise Root CA. Is there another way to do this or fix the problem. Is there something I missing or should be looking at first. I don't want to install something like the CA that may cause more problems for me.

    Note: Here is the error in the event log.
    EventId 13 "Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x800706ba). The RPC server is unavailable."

    The following error is from opening the Microsoft Certificate Services MMC and I try to "Retarget Certification Authority" "The specified services does not exisit as an installed service. 0x424 (WIN32:1060)"

    Any advise or help will be greatly appreciated

    pac0124

  2. #2
    Join Date
    Dec 2007
    Posts
    1,736

    Re: Windows 2003 Server CA Problem and Automatic certificate enrollment

    Well, if the cert error is an expired cert issued by a third party then you will need to replace it with a new certificate. SBS wizards will only renew (issue new) certs issued by itself ("self signed"). If it's a third party cert, then you may need to get a new certificate from the third party. If it was issued by the SBS server, run the connect to the Internet Wizard.

  3. #3
    Join Date
    Aug 2011
    Posts
    2

    Re: Windows 2003 Server CA Problem and Automatic certificate enrollment

    Thanks for the Reply James,

    The Server is not SBS, it is the Enterprise Edition. The CA MMC gives me an error when I try to see the cert's, so I don't even know what or even if any cert's are expired. The CA component is not checked off in the add/remove section. Please Re-Read the above issue and see if this is something you can help me with.

    Thanks
    pac0124

  4. #4
    Join Date
    Dec 2007
    Posts
    2,291

    Re: Windows 2003 Server CA Problem and Automatic certificate enrollment

    Can you please verify the following settings:

    1. In Certificate Template snap-in, right click the certificate template “Domain Controller Authentication” and ensure that Domain Controllers and ENTERPRISE DOMAIN CONTROLLERS groups has the Enroll and Autoenroll permissions, Authenticated Users has Read permission.

    2. Verify that Authenticated Users is member of the Certificate Service DCOM Access group.

    3. Ensure that there is no firewall blocking the connection. To verify it, you may use the utility portqry.

    PortQryUI - User Interface for the PortQry Command Line Port Sc
    http://www.microsoft.com/downloads/d...displaylang=en

  5. #5
    Join Date
    Aug 2011
    Posts
    1

    pls

    How to repair when window server 2003 show blue screen and restart?

  6. #6
    Join Date
    Mar 2010
    Posts
    209

    Re: Windows 2003 Server CA Problem and Automatic certificate enrollment

    Hello go with the following thread and see if its helpful for you. i am sure this will help you. and still if you are facing difficulty then post back your error message no when you are getting blue screen error.
    http://forums.techarena.in/windows-s...elp/918080.htm
    Blue Screen during Windows 2003 server installation ,PLS HELP!!
    Windows 2003 server SBS R2 - Blue Screen "DRIVER_IRQL_NOT_LESS_OR_EQUAL" error

Similar Threads

  1. Automatic certificate enrollment for local system failed
    By criscent in forum Windows Security
    Replies: 3
    Last Post: 07-05-2010, 01:15 AM
  2. Windows Server 2003 Ent. Certificate Services Webenroll
    By pushpendra in forum Windows Security
    Replies: 4
    Last Post: 30-05-2008, 01:03 AM
  3. IAS and RAS server certificate enrollment
    By AngerEyes in forum Windows Security
    Replies: 3
    Last Post: 27-05-2008, 11:56 PM
  4. Replies: 1
    Last Post: 09-06-2007, 02:28 PM
  5. Replies: 4
    Last Post: 29-08-2005, 02:47 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,654,707.97932 seconds with 17 queries