Channel: Security forum

Certificate auto enroll tries to talk to old CA server even though template is from new


Hi,

We used to have a single CA in our resource domain that has been replaced by a corporate PKI solution that sits in a different forest.

The old CA has been decommissioned and removed from the Enrollment Services OU so should not be issuing certs, and the server has been removed (VM deleted).

From a Net Mon trace on the client it would appear everything is fine, as it does the LDAP queries and pulls out the correct config information for our two new issuing servers listed in the Enrollment Services OU, but then it actually tries to communicate with the old server name (you see it query DNS for "OLDCA") and eventually fails with the EventID 13 0x800706ba - The RPC server is unavailable.

Half our PCs work fine, half fail. My desktop is OK but my colleague's, built from the same image, fails. Doesn't appear to be a permissions problem.

Going a bit mad over this one, can anyone help?

Paul.


