[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Autoenrollment Event ID 13

Posted on 2010-11-11
18
Medium Priority
?
2,322 Views
Last Modified: 2013-11-16
I am getting event ID 13 followed by 6, source - CertificateServicesClient-AutoEnrollment on all my 2008 DC's.

Certificate enrollment for Local system failed to enroll for a DomainController certificate with request ID N/A from SERVERTEST.ABC.LOCAL\SERVERTEST_SERVER-CA (The RPC server is unavailable. 0x800706ba (WIN32: 1722)).

The computer SERVERTEST does not exist anymore, can I stop these messages somehow.

I have looked at eventid.net for this event but I can't understand out of all the options what I should do in this case where I simply want to remove all entries for this old server from my domain controllers.
http://www.eventid.net/display.asp?eventid=13&eventno=2719&source=AutoEnrollment&phase=1
0
Comment
Question by:Pete
  • 9
  • 4
  • 3
16 Comments
 
LVL 24

Expert Comment

by:Awinish
ID: 34111052
It looks to be there is problem in the firewall, have you made any changes on firewall as RPC error or port & firewall related.

Check below link.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_26559548.html
http://www.eggheadcafe.com/software/aspnet/35644896/domain-certificate-error.aspx
0
 
LVL 24

Expert Comment

by:Awinish
ID: 34111137
Check below link too, but i still stick that there is some firewall or port access issue.

http://ilantz.wordpress.com/category/server-2008-r2/
0
 
LVL 1

Author Comment

by:Pete
ID: 34111307
don't you think it is an error that it can't find the non-existent server? the error really goes back to since I installed 2008.
I will turn off firewall for a bit and see if events still log.
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

 
LVL 24

Expert Comment

by:Awinish
ID: 34111377
Did you do any CA migration from 2003 to 2008, something like that?
0
 
LVL 1

Author Comment

by:Pete
ID: 34111431
no, nothing migrated.
0
 
LVL 24

Expert Comment

by:Awinish
ID: 34111469
So was that server was previously CA & migrated to another server, as i require some more info so i can say exactly error with RPC & server is coming.
0
 
LVL 1

Author Comment

by:Pete
ID: 34111485
I don't think I have any CA servers, I don't think I even know what one is.
0
 
LVL 1

Author Comment

by:Pete
ID: 34118416
I left the firewall of overnight and event id 13 and 6 are still being logged.
0
 
LVL 29

Expert Comment

by:Michael Pfister
ID: 34204945
SERVERTEST was a domain controller?
If yes, was it demoted (dcpromo) before it was turned off?
0
 
LVL 1

Author Comment

by:Pete
ID: 34205068
I think server test was not a DC
0
 
LVL 29

Accepted Solution

by:
Michael Pfister earned 2000 total points
ID: 34205206
On a domain controller, open a command prompt and run

dcdiag /v /f:dcdiag.log

May take a while to finish. Then check dcdiag.log. If you want to post it here, remove sensitive data.

0
 
LVL 1

Author Comment

by:Pete
ID: 34205262
I have run the test, it found 3 DC's and the tests passed successfully...

I can not find any menrion of my server SERVERTEST anywhere.
0
 
LVL 29

Assisted Solution

by:Michael Pfister
Michael Pfister earned 2000 total points
ID: 34205347
Ok, check if you find old CA objects:
http://support.microsoft.com/kb/889250/en-us
Scroll down to "Remove all Certification Services objects from Active Directory" and check if you see some or all of the objects mentioned.
0
 
LVL 1

Author Comment

by:Pete
ID: 34205470
I found the entry for SERVERTEST running certutil on a DC.

The MS article is for 2003 and gets lost on step 2, is there a 2008r2 equivalent.

Thanks making progress.....
0
 
LVL 1

Author Comment

by:Pete
ID: 34205554
sorry ignore last post, it is almost identical.
0
 
LVL 1

Author Comment

by:Pete
ID: 34205612
Thanks, that article and steps fixed the problem, really great help.

0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses
Course of the Month8 days, 7 hours left to enroll

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question