Home > IT Answers > Microsoft Windows > certficate problem on Backup Domain Controlle...
Eliyevelxan
565 pts.
Q:
certficate problem on Backup Domain Controller
Active Directory, DNS, Domain Controllers, Backup Domain Controller (BDC)
Hi I removed First domain controoler Certficate then Created new certficate. Then i installed new certficate to backup domain controlller. Once the problem resolved. A litle bit later the problem return again

I thing that reason is cerfticate. The error like this:

[strong]The currently selected KDC certificate was once valid, but now is invalid and no suitable replacement was found.  Smartcard logon may not function correctly if this problem is not remedied.  Have the system administrator check on the state of the domain's public key infrastructure.  The chain status is in the error data.[/strong]

Please help



Software/Hardware used:
windows 2003 server
ASKED: Nov 30 2009  7:58 AM GMT
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
RELATED QUESTIONS
Eliyevelxan
565 pts.
A:
 RATE THIS ANSWER
0
Click to Vote:
  •   0
  •  0
  • Bookmark and Share
Do you have a certificate server on the domain? If so is it set to automatically approve requests for new certificates. If not you may need to manually go in and approve the certificates.


Yes. I have Certficate server on my first domain controler but not on second domain controllera(backup domain controllera). How can i set that automatically approve requests for new certificates?. I installed new certficate on second domain controllera but the problem not resolved.
Last Answered: Dec 1 2009  1:30 PM GMT by Eliyevelxan   565 pts.
Latest Contributors: Mrdenny   49385 pts.
  •   
RSS - Discussions Help
Discuss This Answer:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _



_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Eliyevelxan   565 pts.  |   Dec 1 2009  1:29PM GMT

Yes. I have Certficate server on my first domain controler but not on second domain controllera(backup domain controllera). How can i set that automatically approve requests for new certificates?. I installed new certficate on second domain controllera but the problem not resolved.

 

Juano   105 pts.  |   Dec 9 2009  4:17AM GMT

Take a look at your Default Domain Policy properties, and look at Conputer configuration/Windows Settings/Security Settings/Public Key Policies/… I am not sure of the full path from top of my head but the “Certificate Services Client Auto-Enrollment” needs to be enabled.