Getting the following Error messages in the Application Event for both Windows 2003 and 2008 Servers
Windows 2003 R2
|DATE / TIME||6/21/2013 7:35:44 AM|
|MESSAGE||Automatic certificate enrollment for local system failed to enroll for one Domain Controller Authentication certificate (0x80070005). Access is denied.|
Windows 2008 R2
|OPCODE||Spooler Operation Succeeded|
|DATE / TIME||2013/06/21 11:26:44 AM|
|MESSAGE||Certificate enrollment for Local system failed to enroll for a DirectoryEmailReplication certificate with request ID N/A from ????\????-CA (The RPC server is unavailable. 0x800706ba (WIN32: 1722)).|
Checked the following on the CA server
- Ensure that “Authenticated Users” group is in the “Certificate Service DCOM Access” group.
- Check the DCOM Access Limit of “My Computer” of the DC
- On the server, run dcomcnfg.exe.
- On the Component Services console, navigate to Component Services\Computers\My Computer.
- Right-click My Computer, select Properties, verify that Enable Distributed COM on this computer is selected in the Default Properties tab.
- Click the COM Security tab, Click Edit Limits in the Access Permission section and ensure that Everyone and Certificate Service DCOM Access has Local Access and Remote Access permissions.
- Click Edit Limits in the Launch and Activation Permission section and ensure that Certificate Service DCOM Access group has Local Activation and Remote Activation permissions.
- Click OK