Solved

Enterprise CA

Posted on 2014-09-23
9
73 Views
Last Modified: 2014-10-05
Do I need to install  Enterprise CA on a Server that has ADDS installed?

I installed it on a Server that is joined to the domain, but when I try to access the Certificate Template I get the following error...

Error
I can see that the Server nwgsca is joined to the domain and the FQDN is nwgsca.nwgs.local

any ideas as to why I'm getting this error message>
0
Comment
Question by:noad
  • 4
  • 4
9 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
Comment Utility
are you a member of the domain admins and enterprise admins groups?
0
 
LVL 8

Accepted Solution

by:
Ratnesh Mishra earned 500 total points
Comment Utility
If nothing serious stuff is on that server , I would suggest.
1. Remove the CA role
2. Dis-join the domain
3. Rejoin the domain
4. Install the CA role.
0
 
LVL 1

Author Comment

by:noad
Comment Utility
Seth

Yes I am

Ratnesh

I have done it 2 time same issue.

But my question is, if the server needs to be running ADDS or can it just be a Server 2012 joined to the domain?
0
 
LVL 8

Expert Comment

by:Ratnesh Mishra
Comment Utility
CA can be installed on both , however not preferred/recommanded on server bearing role of AD. Would like to know have you followed the proper steps or if you can share the link you are following. Major part is to check and verify the pre-requisite.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 1

Author Comment

by:noad
Comment Utility
thanks...
0
 
LVL 8

Expert Comment

by:Ratnesh Mishra
Comment Utility
Please share following :-
1. OS details
2. Link you are following .
3. When and where you are getting the error ?
Lots and lots of links are available for the PKI certificate installation .
And one thing , you can install Root CA on even a non-domain machine. [ http://blogs.technet.com/b/yungchou/archive/2013/10/21/enterprise-pki-with-windows-server-2012-r2-active-directory-certificate-services-part-1-of-2.aspx ]
0
 
LVL 1

Author Comment

by:noad
Comment Utility
I can join server to domain
I go to DC and on DNS is the srv add to forward and revers DNS
I see Srv add to computer OU on DC
I can add CA on Server , I can config CA on Srv
when I open the CA MMC and go templates and right click it give above error
0
 
LVL 8

Expert Comment

by:Ratnesh Mishra
Comment Utility
Please try using same credential used for installing Root CA on the server. Hope it to be member of domain and enterprise admin.

You may follow the link to verify the configuration
http://msdn.microsoft.com/en-us/library/cc772603.aspx
0
 
LVL 1

Author Comment

by:noad
Comment Utility
I'm installing as Admin, with correct credential. It allows me to do the install, it's when I try to open the Certificate MMC that is gives me the above error.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Table of Contents: Lesson 1 - Installing Windows Server 2012 (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2012/A_11592-Become-an-Administrator-Installing-Windows-Server-2012.html) Lesson 2 - Configuring Ser…
In my previous 24 VMware Articles (http://www.experts-exchange.com/ARTH_1864316.html?arthOrderBy=3&arthSort=1#arth), most featured Intermediate VMware Topics. My next series of articles concentrated on topics for the VMware Novice;   If you would…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now