CertificationAuthority - lots of Event 22
Fellow Experts, I need help.
Long story short - I've recovered domain controller from the crash and some time after the operation CertificateAuthority started making errors (Event ID: 22, just like below). Unfortunately we have only one server and had to put everything in one box.
I'm not sure about the exact message as I'm not using English Windows.
It happens for user accounts as well as computer accounts.
I've checked MS KB about the issue (with verifying certificates and generating new CRL list) and it seems everything is fine...
What may be other steps to look for?
In the worst case scenario I can decommission CA and start from scratch as it's not yet widely used (only for RemoteApp).
Long story short - I've recovered domain controller from the crash and some time after the operation CertificateAuthority started making errors (Event ID: 22, just like below). Unfortunately we have only one server and had to put everything in one box.
Active Directory Certificate Services could not process request REQUEST_NO due to an error: ERROR 0xc8000152 (ESE: -338). The request was for DOMAIN\user_account. Additional information: An error has been encountered while analyzing the request....or the last message may be: Error Verifying Request Signature.
I'm not sure about the exact message as I'm not using English Windows.
It happens for user accounts as well as computer accounts.
I've checked MS KB about the issue (with verifying certificates and generating new CRL list) and it seems everything is fine...
What may be other steps to look for?
In the worst case scenario I can decommission CA and start from scratch as it's not yet widely used (only for RemoteApp).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've followed KB889250 (yes, I know it's for Win2000 and 2003) and decommissioned the server (couldn't event manually request new certificates).
Then I've set it up from scratch and it seems to work properly now. I just have to replace few RemoteApp .rdp files located on some computers.
Anyway - since your suggestion was correct - I'm closing the question.
Then I've set it up from scratch and it seems to work properly now. I just have to replace few RemoteApp .rdp files located on some computers.
Anyway - since your suggestion was correct - I'm closing the question.
ASKER
I have to admit I had some problems with AD, but it seems they're resolved by now - no reports of inconsistencies or any other errors...