Sign in
 
HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums
Windows Server TechCenter >
NDES Service failed to start 0x800700ea - EVENT_MSCEP_FAILED_TO_LOAD

Answered NDES Service failed to start 0x800700ea - EVENT_MSCEP_FAILED_TO_LOAD

  • Sunday, August 19, 2012 3:10 PM
     
     
    Sign In to Vote
    0

    I followed this guide to setup the ADCS role in a Azure VM hosting Windows Server 2012 RTM version. http://social.technet.microsoft.com/wiki/contents/articles/9063.network-device-enrollment-service-ndes-in-active-directory-certificate-services-ad-cs.aspx

    I am setting up a standalone CA that is running NDES on the same VM. The Setup ran fine. No errors.

    When I try to access the Admin page, it asks me for the user name and password. Entered the admin user name and password and it throws a HTTP 500.0 error.

    In the event log - the error event is

    Log Name:      Application
    Source:        Microsoft-Windows-NetworkDeviceEnrollmentService
    Date:          8/19/2012 2:51:08 PM
    Event ID:      2
    Task Category: None
    Level:         Error
    Keywords:      
    User:          MOBI\ndes
    Computer:      Mobi
    Description:
    The Network Device Enrollment Service cannot be started (0x800700ea). More data is available.

    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-NetworkDeviceEnrollmentService" Guid="{73144342-19D1-47A4-94DE-D38E6A054AD5}" />
        <EventID>2</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>0</Task>
        <Opcode>0</Opcode>
        <Keywords>0x8000000000000000</Keywords>
        <TimeCreated SystemTime="2012-08-19T14:51:08.306995600Z" />
        <EventRecordID>486</EventRecordID>
        <Correlation />
        <Execution ProcessID="1356" ThreadID="4084" />
        <Channel>Application</Channel>
        <Computer>Mobi</Computer>
        <Security UserID="S-1-5-21-1909558805-678279859-603008632-1001" />
      </System>
      <EventData Name="EVENT_MSCEP_FAILED_TO_LOAD">
        <Data Name="ErrorCode">0x800700ea</Data>
        <Data Name="ErrorMessage">More data is available.
    </Data>
      </EventData>
    </Event>

    I have setup ADCS and NDES on Windows 2008 R2 before and that's worked.

    Where do I find more data to analyze what's going on.

    Thx,
    Ash

     

All Replies

  • Monday, August 20, 2012 10:59 PM
     
     
    Sign In to Vote
    0
    Any suggestions?
     
  • Tuesday, August 21, 2012 2:47 AM
    Moderator
     
     
    Sign In to Vote
    0
    Hi,

    Thanks for posting in Microsoft TechNet forums.

    Please check the information in the thread below regarding the HTTP 500.0 error to see if it can be helpful:

    Network Device Enrollment Service - Renewing service certificates

    http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/b46a637b-2401-4e32-aaa0-cce5e09b6f81/

    And here is an article which might be useful to you regarding the troubleshooting of the "The Network Device Enrollment Service cannot be started" error:

    AD CS: Troubleshooting Network Device Enrollment Service

    http://technet.microsoft.com/en-us/library/ff955644(v=ws.10).aspx

    Regards

    Kevin
     
  • Tuesday, August 21, 2012 5:32 PM
     
     
    Sign In to Vote
    0

    Thanks Kevin.

    This is a new server install running Windows Server 2012 RTM on Azure so I not sure if the link 1st applies. I did try to request a new certificate via visit http://<servername>/certsrv but I could not see any options for Exchange Enrollment Certificate or CEP Encryption Certificate. The options I see are

    <Option ID=locCliAuthCert Selected Value="1.3.6.1.5.5.7.3.2"> Client Authentication Certificate
                <Option ID=locEmailCert   Value="1.3.6.1.5.5.7.3.4"> E-Mail Protection Certificate
                <Option ID=locSrvAuthCert Value="1.3.6.1.5.5.7.3.1"> Server Authentication Certificate
                <Option ID=locCodeSgnCert Value="1.3.6.1.5.5.7.3.3"> Code Signing Certificate
                <Option ID=locTimStmpCert Value="1.3.6.1.5.5.7.3.8"> Time Stamp Signing Certificate
                <Option ID=locIPSecCert   Value="1.3.6.1.5.5.8.2.2"> IPSec Certificate
                <Option ID=locUserEKUCert Value="**"> Other...

    Also, the second link does not have any troubleshooting help on Event 2, the error that I am seeing.

    BTW, I did turn on NDES logging but I can't find the log in c:\user\ndes

    Thx,

    Ash

     
  • Thursday, August 23, 2012 1:51 AM
    Moderator
     
     Answered
    Sign In to Vote
    0
    Hi Ash,

    Thank you for clarifying the issue for us.

    I understand that the problem server is a Windows Server 2012 RTM on Azure. 

    I suggest we post this issue at our Windows Server 2012 forum. There you can get more effective suggestion by other experts who familiar with this product. Your understanding is appreciated.

    Windows Server 2012 Release Candidate (RC) General

    http://social.technet.microsoft.com/Forums/en-US/winserver8gen/threads

    Regards

    Kevin