?
Solved

Installing Exchange Server 2013 on Windows Server 2012

Posted on 2014-01-19
5
Medium Priority
?
3,456 Views
Last Modified: 2014-01-25
I'm trying to install exchange server 2013. Everytime I get an error whilst it tries to install the Mailbox Role.

Error:
The following error was generated when "$error.Clear();
          Install-ExchangeCertificate -WebSiteName "Exchange Back End" -services "IIS, POP, IMAP" -DomainController $RoleDomainController -InstallInTrustedRootCAIfSelfSigned $true
          if ($RoleIsDatacenter -ne $true -And $RoleIsPartnerHosted -ne $true)
          {
            Install-AuthCertificate -DomainController $RoleDomainController
          }
        " was run: "Could not grant Network Service access to the certificate with thumbprint F14E751BD8D7252CD084F144753E4E9BE8CD571B because a cryptographic exception was thrown.".

That's the error the setup has provided me. A google search hasn't been fruitfull so I turned to you guys for some help. From the error I can understand that the Network Service account ouldn't be granted the access it needed to complete it's task.

In the meantime I'll try and grant the Network Service account the access it needs but so far I wasn't all that successfull. Due to the fact that I couldn't find any certificate with the described thumbprint.

Some information about the server:

- Windows Server 2012 Standard
- No DC, only SQL Server runs on it.
- Quad-core, 8 gb of ram
0
Comment
Question by:feanaro100
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 39792774
Do you have an Internal CA? Are you installing CAS/Mailbox role on the same server? Do you already have a older verison of Exchange running in your environment 2007/2010? Take a look at the below link which is a PAQ to an identical issue. Also, do you have your firewalls enabled on this server? When you say
No DC
i am assuming that you are just meaning on this particular server.

PAQ

Will.
0
 

Author Comment

by:feanaro100
ID: 39792791
Yes, this server is part of a domain network but the server itself is nog domain controller. We don't have an internal CA and this is the first time we are trying to install exchange server. And because this is a datacenter server the firewalls are indeed enabled.
0
 

Author Comment

by:feanaro100
ID: 39792795
Oh and we are trying to install all of the exchange server components on the same server.
0
 

Accepted Solution

by:
feanaro100 earned 0 total points
ID: 39794161
By changing the ownership of the Certificates private keys to myself and granting Network Service Full Control the installation continued.

I did this through the Certificates MMC snap-in and click Manage Private Keys... in the All Tasks sub-menu of the certificate. Thanks for the help @spec01!
0
 

Author Closing Comment

by:feanaro100
ID: 39808412
Because the problem disappeared after the above proposed solution.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question