I have two Windows Server 2003 SP2 domain controllers, and on one of them I am seeing "Event ID 13 - Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x80070005). Access is denied." repeated over and over.
I have seen reference to adding all domain controllers to the CERTSVC_DCOM_ACCESS security group however that group does not exist.
I have also seen references to making changes using the certificate authority management console however when I try to launch it I get the message "Cannot Manage Certificate Services. The specified service does not exist as an installed service."
I happened to check my other domain controller and it does not have the service installed either.
What can I do to fix this problem?