If the enterprise CA is also one of the domain controllers, you need to add the "Domain Controllers" group to the domain local group "CERTSVC_DCOM_ACCESS", and this will correct the issue.
This group was created during the last server 2003 service pack, domain users and domain computers are automatically in the group, however domain controllers are not.
No comments:
Post a Comment