Errors in CertSvc

Errors in CertSvc

Post by Milos Puch » Sun, 11 Jul 2004 21:53:58


I have set a test private network with
A. One domain controller (Windows 2003), where there is CA and RADIUS
servers
B. One internal client (Windows XP SP1)
C. One VPN server (ISA not yet installed) with RADIUS server authentication.

I have obtained the following warning and error messages:

Certificate Services HIDECA can not open the certificate store at
CN=NTAuthCertificates,CN=Public Key Services,CN=Services
in the Active Directory's configuration container.
Warning
CertSvc
None
94

The "Windows default" Policy Module "Initialize" method returned an
error. The specified domain either does not exist or could not be
contacted. The returned status code is 0x8007054b (1355).
The Active Directory containing the Certification Authority could
not be contacted.
Error
CertSvc
None
44

Certificate Services could not publish a Delta CRL for key 0
to the following location:
ldap:///CN=HIDECA,CN=dc,CN=CDP,CN=Public Key
Services,CN=Services,CN=Configuration,DC=HIDE,DC=FEL.
A directory service error has occurred. 0x80072095 (WIN32: 8341).
Error
CertSvc
None
66

Could not connect to the Active Directory. Certificate Services
will retry when processing requires Active Directory access.
Error
CertSvc
None
91

And after reinstalling the test network, I have
Error CertSvc 44

The "Windows default" Policy Module "Initialize" method returned an error.
The specified domain either does not exist or could not be contacted. The
returned status code is 0x8007054b (1355). The Active Directory containing
the Certification Authority could not be contacted.



Warning CertSvc 94

Certificate Services HIDECA can not open the certificate store at
CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active
Directory's configuration container.



Error CertSvc 91

Could not connect to the Active Directory. Certificate Services will retry
when processing requires Active Directory access.



Warning CertSvc 77

The "Windows default" Policy Module logged the following warning: The Active
Directory connection to ??? has been reestablished to DC.


What is the problem? All computers obtained certificates via GPO.
Have I miss something important?

Googling gave nothing reasonable.

TIA
Regards,
Milos
 
 
 

Errors in CertSvc

Post by Thomas W S » Wed, 14 Jul 2004 18:55:49

Hi Milos,

What are the details of your Web Publishing Rule that you use to access the
Web enrollment site?

Thanks!



: I have set a test private network with
: A. One domain controller (Windows 2003), where there is CA and RADIUS
: servers
: B. One internal client (Windows XP SP1)
: C. One VPN server (ISA not yet installed) with RADIUS server
authentication.
:
: I have obtained the following warning and error messages:
:
: Certificate Services HIDECA can not open the certificate store at
: CN=NTAuthCertificates,CN=Public Key Services,CN=Services
: in the Active Directory's configuration container.
: Warning
: CertSvc
: None
: 94
:
: The "Windows default" Policy Module "Initialize" method returned an
: error. The specified domain either does not exist or could not be
: contacted. The returned status code is 0x8007054b (1355).
: The Active Directory containing the Certification Authority could
: not be contacted.
: Error
: CertSvc
: None
: 44
:
: Certificate Services could not publish a Delta CRL for key 0
: to the following location:
: ldap:///CN=HIDECA,CN=dc,CN=CDP,CN=Public Key
: Services,CN=Services,CN=Configuration,DC=HIDE,DC=FEL.
: A directory service error has occurred. 0x80072095 (WIN32: 8341).
: Error
: CertSvc
: None
: 66
:
: Could not connect to the Active Directory. Certificate Services
: will retry when processing requires Active Directory access.
: Error
: CertSvc
: None
: 91
:
: And after reinstalling the test network, I have
: Error CertSvc 44
:
: The "Windows default" Policy Module "Initialize" method returned an error.
: The specified domain either does not exist or could not be contacted. The
: returned status code is 0x8007054b (1355). The Active Directory
containing
: the Certification Authority could not be contacted.
:
:
:
: Warning CertSvc 94
:
: Certificate Services HIDECA can not open the certificate store at
: CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active
: Directory's configuration container.
:
:
:
: Error CertSvc 91
:
: Could not connect to the Active Directory. Certificate Services will
retry
: when processing requires Active Directory access.
:
:
:
: Warning CertSvc 77
:
: The "Windows default" Policy Module logged the following warning: The
Active
: Directory connection to ??? has been reestablished to DC.
:
:
: What is the problem? All computers obtained certificates via GPO.
: Have I miss something important?
:
: Googling gave nothing reasonable.
:
: TIA
: Regards,
: Milos
:
:

 
 
 

Errors in CertSvc

Post by Milos Puch » Sat, 17 Jul 2004 03:10:24

Hi Tom,

I have stopped to continue in my setup procedure, there is still no ISA.
I am not accessing the internal network from outside.
... or should I miss something important in AD? CA sits on the DC
as well as the RADIUS server. It seems the errors has appeared shortly
after the Enterprise CA had been estableshed before vanything else
have been installaed (VPN....)

Regards,
Milos
PS I will be on my holidays now. If you or someone else will response,
I will be online in about 10days.