Myke 0 Posted August 21, 2006 We've been getting this error on our network for a good while, now. I've also spent a great deal of time researching the cause and possible solutions to the problem, but to no avail. This error is happening on our Exchange server and with the following error message in the System log of the Event Viewer: Event Type: Error Event Source: DCOM Event Category: None Event ID: 10006 Date: *date* Time: *every 8 hours* User: *domain\user* Computer: *server name* Description: DCOM got error "General access denied error " from the computer *server name*.*domain name* when attempting to activate the server: {D99E6E74-FC88-11D0-B498-00A0C90312F3} For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.'>http://go.microsoft.com/fwlink/events.asp. If I go to the user's desktop and look in their Event Viewer, I get the exact same error message in the System log at the exact same time the error occurrs on the server. In addition, I also get the following error message in the Application log at the same time: Event Type: Error Event Source: AutoEnrollment Event Category: None Event ID: 13 Date: *date* Time: *every 8 hours* User: *domain\user* Computer: *computer name* Description: Automatic certificate enrollment for *domain\user* failed to enroll for one Basic EFS certicicate (0x80070005). Access is denied. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. When I follow the links as instructed, they bring up information regarding Windows Server 2003. We do not use 2003. All of our servers use Windows 2000 SP 4 and each client uses Windows XP SP 2. All forums that I have read only show how to resolve the issues with 2003, not our systems. I have even tried to force the group policy updates on each client that has this error using gpupdate /force in the command prompt, but this doesn't help. These error messages are recurring every 8 hours for each user and I really would like to see them stop. In addition to this, it doesn't seem to do with the computer they are using. One of the users who were experiencing this error received a new computer and still continued to receive these errors, so I know it's user-based and not PC-based. Does anyone have any clues or hints that they could point me towards solving this issue? I thank you in advance. Share this post Link to post
peterh 1 Posted September 5, 2006 If a user is using EFS then de-encrypt all their files first. Open Certificates.msc on their PC for their username, export their cert to a file for safe keeping, then delete their personal certificate. This should remove the certificate and stop contacting a potentially non-existant Certificate Authority Server (which the cert is trying to contact). Create a new personal certificate for that user if they wish to continue using EFS. Share this post Link to post
Myke 0 Posted October 2, 2006 PROBLEM SOLVED!!! Well, after spending a good while searching for a solution, I finally resolved this error. Thanks to peterh for pointing me in the right direction. After reading his explanation of the cause, I began looking into the personal certificates of the users on their local machine and found that they were missing a certificate issued to that user from the certificate authority (CA). All other systems had this certificate issued to the user using the PC. I tried to request a new certificate, but it said the CA would not let me. Moving to the CA server, I found that the Certificate service was set to manual and not automatic, and also was not started. However, I was unable to start the service because it claimed that this was not a Windows component (yeah, I wasn't thrilled about this). Some more research yielded the following article: http://support.microsoft.com/kb/842210/en-us It is titled "Certificate Services may not start on a computer that is running Windows Server 2003 or Windows 2000." Essentially, I had to download and install the Windows Server 2003 Administration Tools Kit onto a Windows XP machine, then copy 4 of those files onto a floppy and copy those files onto the local drive of the CA server. After words, there was a whole lot of comparing of certificates, dumping/renewing the hash, etc. In the end, starting the service back up fixed the entire problem. The DCOM errors that plagued our event viewer for the last few months have finally stopped. If anyone else has or is experiencing this problem and would like some tips or hints on how I resolved it, feel free to ask and I'll do my best. This was an extremely annoying thing to deal with and every forum I went to offered no solution. I'm more than willing to help out. Share this post Link to post