Solved

Cannont Start the active directory certificate service on sbs 2011

Posted on 2013-01-12
9
573 Views
Last Modified: 2013-02-12
I am having trouble getting the active directory certificate service to start on our server.  When I go into services and start it, it says that it is succesful but as soon as it refreshes it is stopped again.

In the event viewer I get these errors and I think they are related to the problem.

1.Automatic certificate enrollment for local system failed (0x800706ba) The RPC server is unavailable.

2.Certificate enrollment for Local system failed to enroll for a DomainController certificate with request ID N/A from SACSVDC01.CMS.local\CMS-SACSVDC01-CA (The RPC server is unavailable. 0x800706ba (WIN32: 1722)).




I have another question already open, and if they are the same cause I appologize.  

http://www.expertsexchange.com/OS/Microsoft_Operating_Systems/Server/SBS_Small_Business_Server/Q_27991810.html
0
Comment
Question by:calmoving
  • 5
  • 2
9 Comments
 
LVL 6

Expert Comment

by:arroryn
ID: 38770091
This resolved issue contains your error - would this be of any help?

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_27272262.html
0
 

Author Comment

by:calmoving
ID: 38793957
I looked at that and was able to follow and check all of the settings down to the last task.

"Sometimes event 13 with "Server RPC is unavailable" means “access is denied”. A possible cause of this issue is that one of the following objects is not
added to the Builtin\Users group:

·
NT AUTHORITY\Authenticated Users
·
NT AUTHORITY\INTERACTIVE

I think that this should have been done is the "Active Directory Users and Computers" but I dont see anything that say NT Authority in my BUILTIN
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 38821308
I wouldn't think that adding those to objects to the Builtin\Users (as members of Builtin\Users) would actually solve your problem.

Instead please review the answer provided here as it is much more likely the cause (especially the DCOM Access item):
http://social.technet.microsoft.com/Forums/hu-HU/winserversecurity/thread/7cee04eb-0759-42b9-8f5b-e2f720811565

Jeff
TechSoEasy
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:calmoving
ID: 38841731
I have checked the information on the above link, and also went to the links in that article and they dont seem to be the same as the problems I am having.  Do we have any other ideas?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 38849719
Seriously?  that is the EXACT error you said you are getting.

Jeff
TechSoEasy
0
 

Author Comment

by:calmoving
ID: 38860243
Yes I agree, but I have found similar postings already and these are not working.  I am thinking of removing the certificate authority and then reinstalling.  When the service attempts to start it cant find the certificate, my thinking is if I uninstall/reinstall this it should create a new local certificate?
0
 

Accepted Solution

by:
calmoving earned 0 total points
ID: 38864519
I was able to get this started again last night.  I removed the role of the CA authority on server, then reinstalled.  This created a new CA and the errors have gone away
0
 

Author Closing Comment

by:calmoving
ID: 38879531
I was able to solve on my own
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Connect two buildings 6 47
Windows 10 - Devices and Printers slow loading 29 88
Powerline adapter slow Mbps? 38 165
svi stops eigrp advertisement 13 31
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question