none
Ошибка AutoEnrollment на котроллере домена RRS feed

  • Вопрос

  • После того, как поднял сервер до контроллера домена в логе приложений периодически стали появляться ошибки следующего вида:

    Автоматическая подача заявки на сертификат Локальная система: не удалось подать заявку на один сертификат Контроллер домена (0x80070005). Отказано в доступе.

    Источник:AutoEnrollment

    ID:13

     

    PS Пол-вопроса в придачу. Попытался поискать решение по microsoft.com, но что-то у меня жутко долго в броузере висит поисковый запрос и так и не может никаких результатов выдать. Поиск работает или это какие-то мой проблемы...

Ответы

  • Отсюда

    The following events may be logged after you install Windows Server 2003 SP1.

    Event message 1

    Event Type: Error
    Event Source: AutoEnrollment
    Event Category: None
    Event ID: 13
    Date: date
    Time: time
    User: N/A
    Computer: computer_name
    Description: Automatic certificate enrollment for local system failed to enroll for one Directory Email Replication certificate (0x80070005). Access is denied. For more information, see Help and Support Center at http://support.microsoft.com.

    Event message 2

    Event Type: Error
    Event Source: AutoEnrollment
    Event Category: None
    Event ID: 13
    Date: date
    Time: time
    User: N/A
    Computer: computer_name
    Description: Automatic certificate enrollment for local system failed to enroll for one Workstation Authentication certificate (0x80070005). Access is denied. For more information, see Help and Support Center at http://support.microsoft.com.

    When you manually request a certificate by using the Certificate snap-in, you may receive the following error message:

    The certificate request failed because of one of the following conditions: -The certificate request was submitted to a Certification Authority (CA) that is not started. -You do not have the permissions to request certificates from the available CAs.

    Note If these errors occur on a domain controller, then add the Domain Controllers group to the CERTSVC_DCOM_ACCESS group. Domain controllers are not members of the Domain Computers global group and will not have sufficient DCOM permissions by default.

    If you change the group membership to include the Domain Controllers group, you must restart the domain controller to reflect the change.

    Модератор

Все ответы

  • Отсюда

    The following events may be logged after you install Windows Server 2003 SP1.

    Event message 1

    Event Type: Error
    Event Source: AutoEnrollment
    Event Category: None
    Event ID: 13
    Date: date
    Time: time
    User: N/A
    Computer: computer_name
    Description: Automatic certificate enrollment for local system failed to enroll for one Directory Email Replication certificate (0x80070005). Access is denied. For more information, see Help and Support Center at http://support.microsoft.com.

    Event message 2

    Event Type: Error
    Event Source: AutoEnrollment
    Event Category: None
    Event ID: 13
    Date: date
    Time: time
    User: N/A
    Computer: computer_name
    Description: Automatic certificate enrollment for local system failed to enroll for one Workstation Authentication certificate (0x80070005). Access is denied. For more information, see Help and Support Center at http://support.microsoft.com.

    When you manually request a certificate by using the Certificate snap-in, you may receive the following error message:

    The certificate request failed because of one of the following conditions: -The certificate request was submitted to a Certification Authority (CA) that is not started. -You do not have the permissions to request certificates from the available CAs.

    Note If these errors occur on a domain controller, then add the Domain Controllers group to the CERTSVC_DCOM_ACCESS group. Domain controllers are not members of the Domain Computers global group and will not have sufficient DCOM permissions by default.

    If you change the group membership to include the Domain Controllers group, you must restart the domain controller to reflect the change.

    Модератор
  • Спасибо, попробую. Хорошо хоть здесь спросить можно, а то поиск у меня что-то пока совсем застрял....

     

    Подскажите еще, пожалуйста, как выключается усиленная безопасность ie ?

  • Control Panel - Add/remove Programms - компоненты windows.
    Модератор