none
Event ID 53 RRS feed

  • Question

  • I have received the following 2 warnings in the app log of our Windows Server 2003 R2 Server.

    Event ID: 77

    Source: CertSvc

    Description:

    The "Windows default" Policy Module logged the following warning: The Active Directory connection to ServerName has been reestablished to ServerName.

    and then

    Event ID: 53

    Source: CertSvc

    Description:

    Certificate Services denied request 41 because The permissions on the certificate template do not allow the current user to enroll for this type of certificate. 0x80094012 (-2146877422).  The request was for CN=COMPUTERNAME.  Additional information: Denied by Policy Module.

    I am pretty sure the request is being made when the free LogMeIn client is first being installed on the computers. I am deploying the client with Group Policy.

    The failed request folder in the Certification Authority snap-in, is filled with these requests.

    Why are the requests failing?




    • Edited by Blue_Craig Wednesday, June 27, 2012 1:31 PM
    Wednesday, June 27, 2012 1:21 PM

Answers

  • Hi,

    Thanks for posting in Microsoft TechNet forums.

    Please check the information in the articles below to see if it can be helpful in our troubleshooting:

    Event ID 77 — AD CS Policy Module Processing

    http://technet.microsoft.com/en-us/library/cc774505(v=ws.10).aspx

    Event ID 53 — AD CS Certificate Request (Enrollment) Processing

    http://technet.microsoft.com/en-us/library/dd299871(v=ws.10).aspx

    Regards

    Kevin
    • Marked as answer by 朱鸿文 Tuesday, July 3, 2012 2:12 AM
    Thursday, June 28, 2012 4:45 AM
  • Hi,

    I understand that the "Event ID 53" is gone now but the "Event ID 77" still persists.

    We can try reinstalling the default certificate templates to see if it can fix the problem.

    How to re-install the default certificate templates?

    http://blogs.technet.com/b/pki/archive/2007/08/06/how-to-re-install-the-default-certificate-templates.aspx

    Regards

    Kevin
    • Marked as answer by 朱鸿文 Tuesday, July 3, 2012 2:12 AM
    Friday, June 29, 2012 2:28 AM

All replies

  • Hi,

    Thanks for posting in Microsoft TechNet forums.

    Please check the information in the articles below to see if it can be helpful in our troubleshooting:

    Event ID 77 — AD CS Policy Module Processing

    http://technet.microsoft.com/en-us/library/cc774505(v=ws.10).aspx

    Event ID 53 — AD CS Certificate Request (Enrollment) Processing

    http://technet.microsoft.com/en-us/library/dd299871(v=ws.10).aspx

    Regards

    Kevin
    • Marked as answer by 朱鸿文 Tuesday, July 3, 2012 2:12 AM
    Thursday, June 28, 2012 4:45 AM
  • The request being made is for a WebServer Certificate.

    Under the security tab of the Web Server Template, if I added the domain computers group and set the permissions to read and enroll for that group, do you think that would do the trick. Or would just giving the group enroll permissions work?

    Looking at the warning it says "The permissions on the certificate template do not allow the current user to enroll for this type of certificate". So it does look like a permissions issue.


    • Edited by Blue_Craig Thursday, June 28, 2012 9:59 AM
    Thursday, June 28, 2012 9:58 AM
  • Giving the domain computers group enroll permission to the webserver certifcate has got rid of the event id 53

    Event id 77 is still appearing though when I install logmein.

    Thursday, June 28, 2012 1:22 PM
  • Hi,

    I understand that the "Event ID 53" is gone now but the "Event ID 77" still persists.

    We can try reinstalling the default certificate templates to see if it can fix the problem.

    How to re-install the default certificate templates?

    http://blogs.technet.com/b/pki/archive/2007/08/06/how-to-re-install-the-default-certificate-templates.aspx

    Regards

    Kevin
    • Marked as answer by 朱鸿文 Tuesday, July 3, 2012 2:12 AM
    Friday, June 29, 2012 2:28 AM
  • Hello,

    restart Active directory certification services and try it again.

    Branislav


    Branislav Pastorek SEAL IT services

    Wednesday, October 31, 2012 2:22 PM