Here are the full errors:
Automatic certificate enrollment for local system failed to enroll for one Domain Controller Authentication certificate (0x800706ba). The RPC server is unavailable.
Automatic certificate enrollment for local system failed to enroll for one Directory Email Replication certificate (0x800706ba). The RPC server is unavailable.
I have inherited these errors so I can only tell you what I have done so far.
1. The Domain Controllers/Admins/Computers have been added to the CERTSVC_DCOM_ACCESS security group. Then I ran the following commands:
certutil -setreg SetupStatus -SETUP_DCOM_SECURITY_UPDATED_FLAG
net stop certsvc && net start certsvc
2. CA (Certificate Authority) has been installed on the primary DC. At one point it was installed on a previous DC, but that DC was rebuilt and no longer exists. I have removed all mention of that DC in AD (that I know of).
3. Domain Controllers/Admins/Computers have been added to Security group under PROPERTIES in the CA.
So far, nothing has worked. I am still getting the event on my primary DC. I am also receiving KDC warnings on several computers with a message stating basically that the certificates are no longer valid and when attempting to retrieve new ones the server couldn’t be found or didn’t respond.
I am open to any and all suggestions at this point. I appreciate any help you might suggest.