• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1036
  • Last Modified:

Certificate auto-enrollment has not been enabled.

I was in the process of demoting and decommissioning an old 2003 Domain Controller when I determined is was the certificate authority for this domain.  This network has two 2008 R2 DC's functioning so I decided to move that role to one of those servers.

I followed the migration procedures detailed in this TechNet article and all seemed to be fine until I tried to verify the migration by launching the certmgr and requesting to  automatically enroll and retrieve certificates.

http://technet.microsoft.com/en-us/library/ee126140(v=ws.10).aspx

The results seem to indicate Certificate Auto-Enrollment has not been enabled.

When I select the option to Show All Templates, all options are greyed out - status:  Unavailable.  Did I miss something?

Any thoughts would be greatly appreciated.  Thank you
0
LenCepeda
Asked:
LenCepeda
  • 2
  • 2
1 Solution
 
RantCanSr. Systems AdministratorCommented:
Have you verified the services are started?
0
 
LenCepedaAuthor Commented:
Yes, I verified the AD Certificate Services are running.
0
 
RantCanSr. Systems AdministratorCommented:
Can you upload the C:\windows\certocm.log file?
0
 
LenCepedaAuthor Commented:
I believe I needed to wait for the changes to take effect.  I rebooted the server waited a few hours and all was in order
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now