Domain Controller Autoenrollment Fails
I just installed a Win2k3 server as a second domain controller (the first
server is also running win2k3). Autoenrollment is enable in directory
services for domain controllers with the standard domain controller
certificate but autoenrollment fails with Event 13:
Automatic certificate enrollment for local system failed to enroll for one
Domain Controller Authentication certificate (0x80070005). Access is denied.
Any ideas? Thanks in advance.
Re: Domain Controller Autoenrollment Fails
I'm having the same problem,
If you figure it out please let me know how.
-Wayne
"big moose" <bigmoose@discussions.microsoft.com> wrote in message
news:4E22FB53-AFE4-4085-908D-6FD20E87C19C@microsoft.com...
>I just installed a Win2k3 server as a second domain controller (the first
> server is also running win2k3). Autoenrollment is enable in directory
> services for domain controllers with the standard domain controller
> certificate but autoenrollment fails with Event 13:
> Automatic certificate enrollment for local system failed to enroll for one
> Domain Controller Authentication certificate (0x80070005). Access is
> denied.
>
> Any ideas? Thanks in advance.
Re: Domain Controller Autoenrollment Fails
big moose wrote:
> I just installed a Win2k3 server as a second domain controller (the first
> server is also running win2k3). Autoenrollment is enable in directory
> services for domain controllers with the standard domain controller
> certificate but autoenrollment fails with Event 13:
> Automatic certificate enrollment for local system failed to enroll for one
> Domain Controller Authentication certificate (0x80070005). Access is denied.
>
> Any ideas? Thanks in advance.
Check the clocks are in sync easily overlooked when adding DC's all
sorts of things don't work when clocks are out of sync.
Geoff
Re: Domain Controller Autoenrollment Fails
Add the Domain Controller Group to the "CERTSVC_DCOM_ACCESS" group. All make
sure that you have enabled DC Autoenrollment in GP.
"Geoff Hall" wrote:
> big moose wrote:
> > I just installed a Win2k3 server as a second domain controller (the first
> > server is also running win2k3). Autoenrollment is enable in directory
> > services for domain controllers with the standard domain controller
> > certificate but autoenrollment fails with Event 13:
> > Automatic certificate enrollment for local system failed to enroll for one
> > Domain Controller Authentication certificate (0x80070005). Access is denied.
> >
> > Any ideas? Thanks in advance.
> Check the clocks are in sync easily overlooked when adding DC's all
> sorts of things don't work when clocks are out of sync.
>
> Geoff
>