cberrymd
asked on
Computer certificates enrolling multiple times
I am having an issue with a 2008 R2 Standard Enterprise CA where computer accounts are being issued multiple certificates. Auto-enrollment is configured via group policy. The template in use is "Copy of Workstation Authentication". "Publish certificate in Active Directory" and "Do not automatically reenroll if a duplicate certificate exists in Active Directory" are both enabled on the template. It is not a widespread issue but there are usually a few a day, but not for the same computer day after day.
It may not be at all related but the event application log for this CA server frequently has the following logged:
Event 77: Classic, CertificationAuthority
The "Windows default" Policy Module logged the following warning: The Active Directory connection to CASERVER.DOMAIN.COM has been reestablished to CASERVER.DOMAIN.COM.
Your assistance is greatly appreciated.
It may not be at all related but the event application log for this CA server frequently has the following logged:
Event 77: Classic, CertificationAuthority
The "Windows default" Policy Module logged the following warning: The Active Directory connection to CASERVER.DOMAIN.COM has been reestablished to CASERVER.DOMAIN.COM.
Your assistance is greatly appreciated.
i have the same issue but i don't have that warning in my event logs
my problem was that i had the Session Host Server authentication setting enabled and this causes the problem i.e. when a background refresh happens it generates a new certificate
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No answers provided. EE community did not assist.