Windows Server TechCenter >

Windows Server Forums >

test SCEP - error 503, service unavailable

test SCEP - error 503, service unavailable

Wednesday, January 16, 2013 5:32 PM

0
Hello,

I completed SCEP NDES installation on a Server 2008 R2 VM following the procedure document on http://social.technet.microsoft.com/wiki/contents/articles/9063.network-device-enrollment-service-ndes-in-active-directory-certificate-services-ad-cs.aspx

Then I tried to test it by accessing http://localhost/certsrv/mscep_admin using IE 8, it shows error 503, service is unavailable. In the IIS Application Pools, I noticed SCEP gets stopped after some while.

Any step I missed in SCEP NDES configuration?

Application event ID: 2 and 8

Thank you in advance
- Edited by Jack_PKI Wednesday, January 16, 2013 8:49 PM
- Edited by Jack_PKI Wednesday, January 16, 2013 10:09 PM
- Edited by Jack_PKI Thursday, January 17, 2013 6:04 PM
- Reply
- Quote

All Replies

Friday, January 18, 2013 4:22 AM

Moderator

0

Hi,

Thanks for posting in Microsoft TechNet forums.

The "Error Events" part of the article below can be helpful during our troubleshooting:

Network Device Enrollment Service (NDES) in Active Directory Certificate Services (AD CS)

http://social.technet.microsoft.com/wiki/contents/articles/9063.network-device-enrollment-service-ndes-in-active-directory-certificate-services-ad-cs.aspx#Error_Events

Regards

Kevin
- Reply
- Quote
Friday, January 18, 2013 10:42 PM

0

Hi Kevin,

Thank you for response.

After I re-enrolled the certificates of CEP Encryption and Exchange Enrollment agent on the SCEP service computer, the changes happened. Now when I accessed http://localhost/certsrv/mscep_admin, System event 5021 was captured, which mentioned Batch Log on rights. So I think the NDES service account should be set in the Group Policy "Log on as a batch job". Is it correct?

Regards
- Reply
- Quote

Frequently asked questions - Forums help