Certificate Services
I have a domain server that I've set up as an enterprise certificate authority. While setting up another domain controller as a secondary certificate server, I noticed it would automatically pull from the enterprise controller. I worked through
a whole host of things and found something odd. With Certutil -ping, I get a response back when i use the IP address of the server, but RPC server unavailable when I use the server name. DNS is working properly. I can ping the server by address
and name as well as fqdn. What could be the problem? Certificate services is running properly, no errors in the event log. Nothing in the security log. I just have a RPC server not found when using certutil -ping and when trying to
connect with certificate services mmc.
Any help? Or where to look? Acts like it can't resolve the name, but the name is getting resolved.
May 28th, 2011 8:36pm
Hello,
the security forum is the better place to ask:
http://social.technet.microsoft.com/Forums/en/winserversecurity/threadsBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
May 29th, 2011 6:08am
Hi Wigglethorpe,
Do you use command like below?
certutil -ping -config "CADNSName\CAName"
There is DCOM security issue result in Certutil RPC error. Please refer to articles below to resolve your issue.
http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/26e04569-4e7c-44d7-a5c3-48c50ed3ad38
http://social.technet.microsoft.com/Forums/en/windowsserver2008r2general/thread/f3de8600-cf4e-4a39-a42e-7f929e1b8d6d
If there is any update on this issue, please feel free to let us know.
Regards,
Rick Tan
May 30th, 2011 3:59am