Active Directory

Certification Authority Web Enrollment Configuration Failed 0x80070057

Posted on

Yesterday i want install CA Web Enrollment after migrating or restoring CA, but i got error when configuring process like this :

Certification Authority Web Enrollment: Configuration Failed
Active Directory Certificate Services setup failed with the following error: The parameter is incorrect. 0x80070057 (WIN32: 87)

ca

Root Cause :
The likely issue is that the value of SetupStatus at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration is configured to hexidecimal 6003, but should be configured to hexidecimal 6001. This is because 6003 indicates that CA Web Enrollment is already installed and 6001 indicates that it is not yet installed.

Solution :

Modify the registry SetupStatus to read 6001 and then install CA Web Enrollment. You can modify that registry setting with the following certutil command from Windows PowerShell or a command prompt run as Administrator:
certutil -setreg config\setupstatus 0x6001

 

Reference : https://social.technet.microsoft.com/wiki/contents/articles/12035.ad-certification-authority-web-enrollment-configuration-failed-0x80070057-win32-87.aspx

add url to intranet zone using gpo

Posted on Updated on

1.Open Group Policy Management

2.navigate to User Configuration\Policies\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel à\Security Page,then

select “Site to zone assignment List”

3.Select enable and click show,then add url what you want to add list.Example : rms.domain.com

image

4.Clik Apply and Oke

how to add role AD DS

Posted on Updated on

1.Open your server manager and klik add role

image

2.klik next for next step

image

3.and than you can check active directory domain service

image

and add required feature .net framework 3.5.1

image

4.after cek klik next

image

5.klik next for next step

image

6.klik install

image

7.wait until the process is complete

image

and klik close

image

8.Open your server manager and klik run active directory domain service installation wizard

image

9.you can klik next

image

10.klik next

image

11.because I will create a new domain,so I chose create a new domain in a new forest,klik next

image

12.entry your domain for example skytri.com

image

13.because I use windows server 2008 r2,so I chose window server 2008 r2

image

14.cek dns server and klik next

image

klik yes to continue

image

15.chose path,better you chose by default

image

16.enter your password for AD

image

17.klik next

image

18.wait until the process is complete,and if you cek reboot on completion server will automatically restart

image