Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 579
  • Last Modified:

Cannont Start the active directory certificate service on sbs 2011

I am having trouble getting the active directory certificate service to start on our server.  When I go into services and start it, it says that it is succesful but as soon as it refreshes it is stopped again.

In the event viewer I get these errors and I think they are related to the problem.

1.Automatic certificate enrollment for local system failed (0x800706ba) The RPC server is unavailable.

2.Certificate enrollment for Local system failed to enroll for a DomainController certificate with request ID N/A from SACSVDC01.CMS.local\CMS-SACSVDC01-CA (The RPC server is unavailable. 0x800706ba (WIN32: 1722)).




I have another question already open, and if they are the same cause I appologize.  

http://www.expertsexchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_27991810.html
0
calmoving
Asked:
calmoving
  • 5
  • 2
1 Solution
 
arrorynCommented:
This resolved issue contains your error - would this be of any help?

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_27272262.html
0
 
calmovingAuthor Commented:
I looked at that and was able to follow and check all of the settings down to the last task.

"Sometimes event 13 with "Server RPC is unavailable" means “access is denied”. A possible cause of this issue is that one of the following objects is not
added to the Builtin\Users group:

·
NT AUTHORITY\Authenticated Users
·
NT AUTHORITY\INTERACTIVE

I think that this should have been done is the "Active Directory Users and Computers" but I dont see anything that say NT Authority in my BUILTIN
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I wouldn't think that adding those to objects to the Builtin\Users (as members of Builtin\Users) would actually solve your problem.

Instead please review the answer provided here as it is much more likely the cause (especially the DCOM Access item):
http://social.technet.microsoft.com/Forums/hu-HU/winserversecurity/thread/7cee04eb-0759-42b9-8f5b-e2f720811565

Jeff
TechSoEasy
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
calmovingAuthor Commented:
I have checked the information on the above link, and also went to the links in that article and they dont seem to be the same as the problems I am having.  Do we have any other ideas?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Seriously?  that is the EXACT error you said you are getting.

Jeff
TechSoEasy
0
 
calmovingAuthor Commented:
Yes I agree, but I have found similar postings already and these are not working.  I am thinking of removing the certificate authority and then reinstalling.  When the service attempts to start it cant find the certificate, my thinking is if I uninstall/reinstall this it should create a new local certificate?
0
 
calmovingAuthor Commented:
I was able to get this started again last night.  I removed the role of the CA authority on server, then reinstalled.  This created a new CA and the errors have gone away
0
 
calmovingAuthor Commented:
I was able to solve on my own
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now