KB ID 0000520
Seen every few hours in the application log:
Source: AutoEnrollment Description: Automatic certificate enrollment for the local system failed to enroll for one Domain Controller certificate (0x80070005). Access is denied.
1. Go to your domain controller > Open Active Directory users and computers > Locate the CERTSVC_DCOM_ACCESS group.
2. Add in the “Domain Controllers” group.
3. On your Certification Authority Server > drop to command line and issue the following three commands.
certutil –setreg SetupStatus –SETUP_DCOM_SECURITY_UPDATED_FLAG net stop certsvc net start certsvc
Related Articles, References, Credits, or External Links