CA: Non - Enterprise, Standalone CA running on an Active Directory Domain controller.
I'm trying to get the web-enrollment proxy set up on a different machine,
Certificate services is configured, the web-enrollment machine is set up as trusted for delegation,
however I still get the following:
- Request Mode:
- newreq NN - New Request (keygen)
- Disposition:
- (never set)
- Disposition message:
- (none)
- Result:
- Access is denied. 0x80070005 (WIN32: 5)
- COM Error Info:
- CCertRequest::Submit Access is denied. 0x80070005 (WIN32: 5)
- LastStatus:
- The operation completed successfully. 0x0 (WIN32: 0)
- Suggested Cause:
- The Certification Authority Service has not been started.
The thing is, it can find the CA when I set up web-enrollment, and if I set up the CA as an Enterprise CA then it has no problem communicating, but I don't want to operate in Enterprise CA mode if I can help it, as the web-enrollment won't be for AD members.
theres definitely a six-pack of beer / a lunch in it if you can work out what i'm missing.
Thanks all.
Oh and yes the C.A. service is running on the machine, and if I point at the Web-enrollment on the machine hosting the CA it works fine.