C
Chris128
OK so I've run the following command:
Add-KdsRootKey –EffectiveImmediately
and I got the following logged in the KdsSvc event log:
Event ID: 4004
Group Key Distribution Service created the first master root key in AD. The key ID is 841452df-e084-1857-750d-b8dae6a149eb.
So all is good right? Apparently not... because even after a reboot, when I run this command (ripped straight from the example on Technet) :
New-ADServiceAccount ITFarm1 -DNSHostName ITFarm1.mydomain.com -PrincipalsAllowedToRetrieveManagedPassword ITFarmHosts -KerberosEncryptionType RC4, AES128, AES256
I get the following error:
"Key does not exist"
I only have one DC in this test environment and it is running Server 2012, and that's where I am running these powershell commands. Where am I going wrong?
Thanks
Chris
My website (free apps I've written for IT Pro's) : www.cjwdev.co.uk My blog: cjwdev.wordpress.com
Continue reading...
Add-KdsRootKey –EffectiveImmediately
and I got the following logged in the KdsSvc event log:
Event ID: 4004
Group Key Distribution Service created the first master root key in AD. The key ID is 841452df-e084-1857-750d-b8dae6a149eb.
So all is good right? Apparently not... because even after a reboot, when I run this command (ripped straight from the example on Technet) :
New-ADServiceAccount ITFarm1 -DNSHostName ITFarm1.mydomain.com -PrincipalsAllowedToRetrieveManagedPassword ITFarmHosts -KerberosEncryptionType RC4, AES128, AES256
I get the following error:
"Key does not exist"
I only have one DC in this test environment and it is running Server 2012, and that's where I am running these powershell commands. Where am I going wrong?
Thanks
Chris
My website (free apps I've written for IT Pro's) : www.cjwdev.co.uk My blog: cjwdev.wordpress.com
Continue reading...