Server 2008 R2 Error 29 - with a twist
we have 5 dcs (2 read in dmz), 4 of them report same issue every day. error this:
"the key distribution center (kdc) cannot find suitable certificate use smart card logons, or kdc certificate not verified. smart card logon may not function correctly if problem not resolved. correct problem, either verify existing kdc certificate using certutil.exe or enroll new kdc certificate."
running "certutil -dcinfo verify" administrator command prompt not report certificate issues on dc.
advice ms/technet obtain valid dc certificate goes on " in case error handling not take account non-ca environment."
problem have non-ca environment dcs have valid certificates (minimum 1 year expiration) issued same source.
if due non-ca environment why 1 dc not report , how can resolve issue?
"the key distribution center (kdc) cannot find suitable certificate use smart card logons, or kdc certificate not verified. smart card logon may not function correctly if problem not resolved. correct problem, either verify existing kdc certificate using certutil.exe or enroll new kdc certificate."
running "certutil -dcinfo verify" administrator command prompt not report certificate issues on dc.
advice ms/technet obtain valid dc certificate goes on " in case error handling not take account non-ca environment."
problem have non-ca environment dcs have valid certificates (minimum 1 year expiration) issued same source.
if due non-ca environment why 1 dc not report , how can resolve issue?
hello,
to sure ask security experts in http://social.technet.microsoft.com/forums/windowsserver/en-us/home?forum=winserversecurity
best regards
meinolf weber
mvp, mcp, mcts
microsoft mvp - directory services
my blog: http://msmvps.com/blogs/mweber/
disclaimer: posting provided no warranties or guarantees , confers no rights.
Windows Server > Windows Server General Forum
Comments
Post a Comment