Event ID 10009 and 13 RRS feed

  • Question

  • Started at 4/20/2010 11:05 PM, we're getting Errors on our Domain Controllers

    Event ID: 10009

    DCOM was unable to communicate with the computer RTEST.worx.local using any of the configured protocols.

    Event ID 13:

    Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x800706ba).  The RPC server is unavailable.


    There were no changes on our DCs. Computer RTEST.worx.local was long gone. I dont know what trigerred this error and how to stop the alerts?

    I found that there's still DNS record for RTEST.worx.loca. I deleted it now.




    Monday, April 26, 2010 2:16 PM


All replies

  • will removing the RTEST.worx.local on Cert Publishers Group solve this? 


    Monday, April 26, 2010 4:07 PM
  • Hello,

    was RTEST.worx.local a domain controller and demoted correct or just removed form the domain without demoting? If yes then follow this article to remove it complete from the AD database etc.

    Also make sure to use only the domain NS servers on the NIC. If the article above doesn't apply please give some more information about OS version and SP/patch level and post an unedited dcdiag /v and ipconfig /all from the existing DC .

    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
    Tuesday, April 27, 2010 11:17 AM
  • As Meinolf was talking about, how did this dc exit the domain?  If a dc is not demoted properly then the metadata within Active Directory will still believe that the dc is particpating and it continues to try and communicate and update this dc.  There are ways to clean up after a lost dc but if those steps haven't been taken you can get all kinds of wierd messages relating to this dc and problems for the domain.

    I have an article that can guide you through clean up at:

    Once clean up has been completed, I would suggest you go back and verify that your domain is healthy.


    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security+, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    Microsoft's Thrive IT Pro of the Month - June 2009

    Please no e-mails, any questions should be posted in the NewsGroup This
    posting is provided "AS IS" with no warranties, and confers no rights.

    • Marked as answer by Bruce-Liu Monday, May 3, 2010 11:19 AM
    Tuesday, April 27, 2010 12:29 PM
  • Thanks meinolf, paul RTEST.worx.local has been long gone, no longer existing but it seems that this is not a DC.

    Servers under AD Sites and services do not include RTEST.worx.local.

    It looks like it is just a member server with Certificate Authority. I need to remove the Automatic enrollment from the DC to this machine. This I'm not sure how to do.



    Tuesday, April 27, 2010 1:22 PM