Cannont Start the active directory certificate service on sbs 2011

I am having trouble getting the active directory certificate service to start on our server.  When I go into services and start it, it says that it is succesful but as soon as it refreshes it is stopped again.

In the event viewer I get these errors and I think they are related to the problem.

1.Automatic certificate enrollment for local system failed (0x800706ba) The RPC server is unavailable.

2.Certificate enrollment for Local system failed to enroll for a DomainController certificate with request ID N/A from SACSVDC01.CMS.local\CMS-SACSVDC01-CA (The RPC server is unavailable. 0x800706ba (WIN32: 1722)).




I have another question already open, and if they are the same cause I appologize.  

http://www.expertsexchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_27991810.html
calmovingAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
calmovingConnect With a Mentor Author Commented:
I was able to get this started again last night.  I removed the role of the CA authority on server, then reinstalled.  This created a new CA and the errors have gone away
0
 
arrorynCommented:
This resolved issue contains your error - would this be of any help?

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_27272262.html
0
 
calmovingAuthor Commented:
I looked at that and was able to follow and check all of the settings down to the last task.

"Sometimes event 13 with "Server RPC is unavailable" means “access is denied”. A possible cause of this issue is that one of the following objects is not
added to the Builtin\Users group:

·
NT AUTHORITY\Authenticated Users
·
NT AUTHORITY\INTERACTIVE

I think that this should have been done is the "Active Directory Users and Computers" but I dont see anything that say NT Authority in my BUILTIN
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
I wouldn't think that adding those to objects to the Builtin\Users (as members of Builtin\Users) would actually solve your problem.

Instead please review the answer provided here as it is much more likely the cause (especially the DCOM Access item):
http://social.technet.microsoft.com/Forums/hu-HU/winserversecurity/thread/7cee04eb-0759-42b9-8f5b-e2f720811565

Jeff
TechSoEasy
0
 
calmovingAuthor Commented:
I have checked the information on the above link, and also went to the links in that article and they dont seem to be the same as the problems I am having.  Do we have any other ideas?
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Seriously?  that is the EXACT error you said you are getting.

Jeff
TechSoEasy
0
 
calmovingAuthor Commented:
Yes I agree, but I have found similar postings already and these are not working.  I am thinking of removing the certificate authority and then reinstalling.  When the service attempts to start it cant find the certificate, my thinking is if I uninstall/reinstall this it should create a new local certificate?
0
 
calmovingAuthor Commented:
I was able to solve on my own
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.