I was wondering if anyone knows what the prerequisites are for the Network Device Enrollment Service in W2k8?
I know it requires enterprise version of server, but that's all I can find.
I'm specifically wondering if the service can run on a W2k8 Enterprise server as a domain controller.
I have AD certificate service installed and working. I tried to install the role service for the network device enrollment and it requires a domain user account or network service to install.
Selecting Network Service gives an error "Network service account cannot send authenticated certificate request to a local enterprise CA. Specify a user account.
Selecting a user account give me this error "The account is not a member of the local machines IIS_IUSRS group?
Obviously since this is a domain controller you cannot access local users or groups.
I tried to dcpromo the server, adding the user account and dcpromo again and didn't work.
I tried installing the service on the server as a member server then dcpromo again but running dcpromo required certificate services uninstalled. Catch 22!.
I'm guessing I would have to provision another w2k8 server as a member server to use the SCEP service? But like I said I couldnt find any prereq requirements.
I know it requires enterprise version of server, but that's all I can find.
I'm specifically wondering if the service can run on a W2k8 Enterprise server as a domain controller.
I have AD certificate service installed and working. I tried to install the role service for the network device enrollment and it requires a domain user account or network service to install.
Selecting Network Service gives an error "Network service account cannot send authenticated certificate request to a local enterprise CA. Specify a user account.
Selecting a user account give me this error "The account is not a member of the local machines IIS_IUSRS group?
Obviously since this is a domain controller you cannot access local users or groups.
I tried to dcpromo the server, adding the user account and dcpromo again and didn't work.
I tried installing the service on the server as a member server then dcpromo again but running dcpromo required certificate services uninstalled. Catch 22!.
I'm guessing I would have to provision another w2k8 server as a member server to use the SCEP service? But like I said I couldnt find any prereq requirements.