Event 1008 followed by 1009 in Windows 2000 Server DC

Posted on 2004-11-18
Last Modified: 2008-01-09
My Primary Domain Controller in AD running windows 2000 server has been loggin events 1008 and 1009 recently.
the event shows up every 2-3 hours, sometimes consecutively.
This is the only DC in the network.

Event 1008: The enterprise root certificate store could not be updated. Incorrect function
Event 1009: The NT Smartcard authentication certificate store could not be updated Incorrect function".
Question by:sunhak
    LVL 12

    Expert Comment

    Any changes to this DC?  Did you add a DNS server to it?  Update any GPO's?

     From a newsgroup post: "In my case the problem started to appear after I had installed Wingate 5.01 client software onto the file server, and had added a second DNS address, where the Wingate server DNS is setup at the gateway. Removing the Wingate client software, removing the second DNS server address (the same as the gateway) and then rebooting resulted in a perfectly functioning DNS domain server. I had installed the Wingate client software so that I could run Windows Update. I had done this because although the file server could access the internet when directly connected (I could ping www addresses from a command prompt), it could not display any pages".

     I was getting this event and event id 1008 (same source) plus an error about "Cannot contact Domain" etc. I simply re-applied the GPO manually which seemed to resolve the above errors.
    After applying the above you should get a response in the Event Viewer stating : "SceCli - Security policy in the Group policy objects are applied successfully". Now reboot your machine and the errors should be resolved.  

    is this an SBS DC?

     From a newsgroup post: "The 1008 errors are not the problem, they are the messenger. However, these errors are indicative that there are clock cycles being stolen by these items. There is a specific Perflib error that follows on the installation of SBS 2000. You resolve it quite simply with a command explained in the SBS readme doc which from the top of my head is:

    c:\\system32>lodctr c:\exchsrvr\bin\eseperf.ini

    That means you must execute that command from that directory in order for this to solve the problem regarding this specific issue on this counter, assuming the other paths are correct.  BTW, this comes from the SBS readme doc."

    Error code 0x80070051 = - no additional info
    Error code 0x80070057 = E_INVALIDARG = "One or more arguments are not valid error." - no additional info  


    Author Comment

    there were no changes in the DC.
    I did tweak some GPOs, but reverting back and rebooting has not solved the problem.
    I tried SECEDIT and in the event log, it shows SceCli successful, followed by event 1008 and 1009
    This is not a SBS
    LVL 12

    Expert Comment

    What level service pack?

    Author Comment

    LVL 12

    Expert Comment

    I have not been able to find anything on those event ID's.  I would try re-applying SP4.  Many times this will resolve issues like these.  Good Luck!  If I find anything I will let you know.

    Author Comment

    I tried sfc and didn't work so I ran a Repair on windows 2000 last night and it solved the problem.

    Accepted Solution

    Closed, 500 points refunded.

    Community Support Moderator
    Experts Exchange

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Suggested Solutions

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now