Certificate Enrollment Denied By CA Server- HELP!


R

REA

Hi,
I am having this problem with my Enterprise Root CA. It won't issue any
certificate, not even to the Subordinate CA. Below are the events. These
events apply to all templates. I have tried many things, including
permissions. Could this be related to missing templates on the cert server?
how do i load new or updated templates?

The CA server is Windows 2003(with sp1) in a windows 2000 AD.

Thanks in advance,
REA

Event Type: Warning
Event Source: CertSvc
Event Category: None
Event ID: 53
Date: 5/14/2005
Time: 10:06:18 AM
User: N/A
Computer: ServCA01
Description:
Certificate Services denied request 11581 because The requested certificate
template is not supported by this CA. 0x80094800 (-2146875392). The request
was for mydomain\DUser. Additional information: Denied by Policy Module
0x80094800, The request was for a certificate template that is not supported
by the Certificate Services policy: User.


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


Event Type: Warning
Event Source: CertSvc
Event Category: None
Event ID: 77
Date: 5/14/2005
Time: 10:06:18 AM
User: N/A
Computer: ServCA01
Description:
The "Windows default" Policy Module logged the following warning: The
User(v3.0): V1 Certificate Template could not be loaded. Element not found.
0x80070490 (WIN32: 1168).


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
 
Ad

Advertisements

E

Eduard Koller [MSFT]

Did you configure the CA to issue the desired template(s)?
You can open certsrv.msc, look in the "templates" node, then
right-click -> new-> certificate template to issue


--
Eduard Koller[MS]

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
 
Ad

Advertisements

R

REA

It appears as though the Windows 2000 templates could not be enumerated on
the Windows 2003 Certsrv. A suggestion was to extent our 2000 AD schema to
2003's. We didn't want to do that considering we are still in the middle of
migration with 40+ Domain controllers. The windows 2003 Enterprise CA is
removed and two Windows 2000 CAs are implemented instead. Everything is
smooth now. We'll look at implementing the Windows 2003 enterprise CAs in a
2003 forest when we cross that bridge. I always hate it when my lab works
fine :).

Regards,

Romain


Eduard Koller said:
Did you configure the CA to issue the desired template(s)?
You can open certsrv.msc, look in the "templates" node, then
right-click -> new-> certificate template to issue


--
Eduard Koller[MS]

This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm


REA said:
Hi,
I am having this problem with my Enterprise Root CA. It won't issue any
certificate, not even to the Subordinate CA. Below are the events. These
events apply to all templates. I have tried many things, including
permissions. Could this be related to missing templates on the cert
server?
how do i load new or updated templates?

The CA server is Windows 2003(with sp1) in a windows 2000 AD.

Thanks in advance,
REA

Event Type: Warning
Event Source: CertSvc
Event Category: None
Event ID: 53
Date: 5/14/2005
Time: 10:06:18 AM
User: N/A
Computer: ServCA01
Description:
Certificate Services denied request 11581 because The requested
certificate
template is not supported by this CA. 0x80094800 (-2146875392). The
request
was for mydomain\DUser. Additional information: Denied by Policy Module
0x80094800, The request was for a certificate template that is not
supported
by the Certificate Services policy: User.


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


Event Type: Warning
Event Source: CertSvc
Event Category: None
Event ID: 77
Date: 5/14/2005
Time: 10:06:18 AM
User: N/A
Computer: ServCA01
Description:
The "Windows default" Policy Module logged the following warning: The
User(v3.0): V1 Certificate Template could not be loaded. Element not
found.
0x80070490 (WIN32: 1168).


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top