Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4459
  • Last Modified:

Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate

Hi,

I have a windows 2003 SBS machine that appears to keep dropping out. The client machines are running a database application from the server and they lose connectivity numerous times through out the day. I have been remotely connected to both the server and a client machine when this occurs. The client machine can ping the server and visa versa. The client machine can also get on the web, the client machine fails to do an nslookup to its primary dns which is set as the server. The client machine gets a popup that says working offline.

I can see an error event id 13 on the server Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x80040154).  Class not registered
I have run all the latest windows updates.

Can anyone suggest a fix.

Thanks
0
Sid_F
Asked:
Sid_F
1 Solution
 
Sid_FAuthor Commented:
I have tried the following post:


It sounds like the Certificate Authority you have does not have Domain Controller Certificates enabled.

If you open up the Certificate Authority MMC and target your CA, under Certificate Templates, there should be one that says "Domain Controller". You can add it by right clicking the Cert. Template folder and doing New>Template to Issue
 
However I receive "cannot manage certificate services. The specified service does not exist as an instalable service 0x424 win32:1060
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
You shouldn't even have certificate services installed on an SBS.

The 0x80040154 error would indicate that perhaps there is a stale certificate on the server.  Was this server migrated?

Were the workstations joined to the domain using http://<servername>/connectcomputer?
(if not rejoin them following http://sbsurl.com/rejoin)

Then... I would wonder about DNS.  Please post a COMPLETE ipconfig /all from both server and a sample workstation.

Jeff
TechSoEasy

0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now