Issue
Domain controllers fail to enroll for certificates. Following errors are logged in server application logs:
Source: CertificateServicesClient-CertEnroll
Event ID: 13
Level: Error
Description:
Certificate enrollment for Local system failed to enroll for a DomainController certificate with request ID N/A from <Server FQDN>\<CA FQDN> (The RPC server is unavailable. 0x800706ba (WIN32: 1722)).
Source: CertificateServicesClient-AutoEnrollment
Event ID: 6
Level: Error
Description:
Automatic certificate enrollment for local system failed (0x800706ba) The RPC server is unavailable.
Resolution
Issue was resolved by adding Domain Controllers security group as a member to CERTSVC_DCOM_ACCESS security group.
Windows Server 2008 R2
Leave a Reply