I've just found this support article...
http://support.microsoft.com/default...b;en-us;903220
It's been fixed in SP1...
"Neil Hobbs" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi,
>
> I'm in the process of performing my final test deployment of a Windows
> Server 2003 Active Directory network.
>
> I have an Enterprise Root CA, which resides on the first domain controller
> SERVER01 (this is also a Global Catalog server) and this Domain Controller
> has successfully obtained a 'Domain Controller' certificate. But the second
> domain controller SERVER02 has not been able to obtain a 'Domain Controller'
> certificate. When this second domain controller starts up, it logs the
> following entry in the 'Application' event log:
>
> Source: Autoenrollment
> Event ID: 13
>
> Autoenrollment certificate for the local system failed to enroll for one
> Domain Controller certificate (0x80070005). Access is denied
>
> I have checked the TCP/IP configuration of the two domain controllers, both
> servers are on the same IP network; a 10.1.0.0/24 network;
>
> SERVER01 - has the IP address - 10.1.0.1/24
> SERVER02 - has the IP address - 10.1.0.2/24
>
> I have seen that both of the domain controllers are located in the
> 'DOMAIN\Domain Controllers' security group and this group has the default
> permissions to the 'Domain Controller Authentication' certificate template
> (Enroll and Autoenroll set to Allow).
>
> The rest of the configuration is the default configuration. The domain
> controllers and all servers are running Windows Server 2003 SP1. I have
> other servers, which all pick up their certificates without any issues, but
> no matter how many times I reboot this second domain controller it fails to
> get a certificate.
>
> I have performed a load of searches on the Knowledgebase and TechNet, but I
> can't find any article.
>
> Many thanks in advance; any solutions/advice will be most appreciated.