Problems with accessing CA remote

T

trondat

Hi,

We have a CA installed on a Server 2012 R2 machine. We are now having problems accessing the CA from other domain servers/computer. When we try to autoenroll certs, we receive a WIN32: 1722 RPC_S_SERVER_UNAVAILABLE error. Also when we try to do a "certutil -ping -config <CA server name>" we get the same error : 0x800706ba (WIN32: 1722 RPC_S_SERVER_UNAVAILABLE). The Certutil Ping command works fine if it's done on the CA server.

I have done some packet tracing on the CA server and it looks like it has something to do with authentication on the CA server :

70 11:34:24 26.07.2018 1.6270644 2A01:520:15:1:0:0:0:103 2A01:520:15:1:43B6:B834:E426:DF4F TCP TCP:Flags=...A...., SrcPort=DCE endpoint resolution(135), DstPort=62449, PayloadLen=0, Seq=3495830879, Ack=4195510670, Win=4140 (scale factor 0x8) = 1059840 {TCP:22, IPv6:21}
71 11:34:24 26.07.2018 1.6396521 2A01:520:15:1:0:0:0:103 2A01:520:15:1:43B6:B834:E426:DF4F MSRPC MSRPC:c/o Bind Ack: Call=0x2 Assoc Grp=0x53E4 Xmit=0x16D0 Recv=0x16D0 {MSRPC:23, TCP:22, IPv6:21}
72 11:34:24 26.07.2018 1.6412216 2A01:520:15:1:43B6:B834:E426:DF4F 2A01:520:15:1:0:0:0:103 DCOM DCOM:IObjectExporter:ServerAlive2 Request {MSRPC:23, TCP:22, IPv6:21}
73 11:34:24 26.07.2018 1.6413867 2A01:520:15:1:0:0:0:103 2A01:520:15:1:43B6:B834:E426:DF4F MSRPC MSRPC:c/o Fault: Call=0x2 Context=0x0 Status=0x5 Cancels=0x0 {MSRPC:23, TCP:22, IPv6:21}


Packet 73 decoded :

Frame: Number = 73, Captured Frame Length = 314, MediaType = ETHERNET
+ Ethernet: Etype = IPv6,DestinationAddress:[00-15-5D-01-D2-08],SourceAddress:[00-15-5D-01-37-03]
+ Ipv6: Next Protocol = TCP, Payload Length = 260
- Tcp: Flags=...AP..., SrcPort=DCE endpoint resolution(135), DstPort=62449, PayloadLen=240, Seq=3495830963 - 3495831203, Ack=4195510694, Win=4139 (scale factor 0x8) = 1059584
SrcPort: DCE endpoint resolution(135)
DstPort: 62449
SequenceNumber: 3495830963 (0xD05E25B3)
AcknowledgementNumber: 4195510694 (0xFA1269A6)
+ DataOffset: 80 (0x50)
+ Flags: ...AP...
Window: 4139 (scale factor 0x8) = 1059584
Checksum: 0x1FDD, Disregarded
UrgentPointer: 0 (0x0)
TCPPayload: SourcePort = 135, DestinationPort = 62449
- Msrpc: c/o Fault: Call=0x2 Context=0x0 Status=0x5 Cancels=0x0
- Fault:
RpcVers: 5 (0x5)
RpcVersMinor: 0 (0x0)
PType: 0x03 - Fault
+ PfcFlags: 3 (0x3)
+ PackedDrep: 0x10
FragLength: 240 (0xF0)
AuthLength: 0 (0x0)
CallId: 2 (0x2)
AllocHint: 240 (0xF0)
PContId: 0 (0x0)
CancelCount: 0 (0x0)
Reserved: 1 (0x1)
Status: 0x00000005 unknown
Reserved2: 0 (0x0)
- ExtendedErrorInformationBlob:
+ CommonTypeHeader: Version=1 Endianess=0x10 Little-endian
+ PrivateTypeHeader: BufferLength=192
+ ExtendedErrorList: Pointer To 0x00020000
+ ErrorInfo: Process=0x2C8 Time=09:34:24 26.07.2018
+ ErrorInfo: Process=0x2C8 Time=09:34:24 26.07.2018
- ErrorInfo: Process=0x2C8 Time=09:34:24 26.07.2018
+ Count: 0 Elements
+ padding: 4 Bytes
+ Next: Pointer To NULL
+ ComputerName: Not present
ProcessID: 712 (0x2C8)
+ Pad3: 4 Bytes
TimeStamp: 09:34:24 26.07.2018
GeneratingComponent: 1, Application - Component owning the manager routine for the particular RPC call.
Status: 0x00000005 - ERROR_ACCESS_DENIED - Access is denied.
DetectionLocation: 1321 (0x529)
+ Flags: 0x0000
NLen: 0 (0x0)
+ EEUString: balder
+ Padding: 6 Bytes


I have looked at the settings in the DCOMCNFG , but are not able to figure out what is wrong. I have also reinstalled the CA with no effect.

Any sugestions ?

Regards
Trond

Continue reading...
 
You must log in or register to reply here.

Similar threads

O
Appcrash after some updated went on my windows server and workstation
Replies
0
Views
672
omkarchowdary
O
B
Subordinate Certificate Authority fails to start (crypt_e_revocation_offline) under 3rd party root CA
Replies
0
Views
877
bitor_mk2
B
R
Windows 10 bluescreens on update
Replies
0
Views
720
rykuu
R
M
Problems with Windows Update: Error 8024402F
Replies
0
Views
3K
MEversbergII
M
J
Monitor Pixel offset with dual monitor (Win 7)
Replies
0
Views
318
JustinZeck
J
Back
Top Bottom