I am running on a 2003 AD Forest & Domain w/ three DCs.
One of the DCs is a CA for our WPA2 Enterprise EAP authentication.
The other two are getting Event Id 13:
Event Type: Error
Event Source: AutoEnrollment
Event Category: None
Event ID: 13
Time: 5:37:15 AM
Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x80070005). Access is denied.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp
I have tried suggestions from both EVENTID.NET and Microsoft.com KBs, but none of these seem to resolve the issue.
Here is what I did so far:
1: Added both DCs to CERTSVC_DCOM_ACCESS (but have not rebooted the servers since I did so)
2: Modified the security permissions on "\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA" by removing the Everyone group and adding the System group
3: Ran certutil -setreg SetupStatus -SETUP_DCOM_SECURITY_UPDATED_FLAG and received this error:
C:\>certutil -setreg SetupStatus -SETUP_DCOM_SECURITY_UPDATED_FLAG
CertUtil: -setreg command FAILED: 0x80070002 (WIN32: 2)
CertUtil: The system cannot find the file specified.
4: The final piece of info that I can give you is that the RSA folder contains hundreds of files that match the time of the raised events in Event Viewer.