Source: AutoEnrollment Description: Automatic certificate enrollment for the local system failed to enroll for one Domain Controller certificate (0x80070005). Access is denied.
Solution
1. Go to your domain controller > Open Active Directory users and computers > Locate the CERTSVC_DCOM_ACCESS group.
2. Add in the “Domain Controllers” group.
3. On your Certification Authority Server > drop to command line and issue the following three commands.
[box]
certutil –setreg SetupStatus –SETUP_DCOM_SECURITY_UPDATED_FLAG
net stop certsvc
net start certsvc
[/box]
Related Articles, References, Credits, or External Links
Activation context generation failed for “C:Program Files (x86)Common FilesAdobe AIRVersions1.0Adobe AIR.dll”.Error in manifest or policy file “C:Program Files (x86)Common FilesAdobe AIRVersions1.0Adobe AIR.dll” on line 3. The value “MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR” of attribute “version” in element “assemblyIdentity” is invalid.
The version of Abode Air that you are running is out of date! Remove and download a new one. In my case it was the version that installed with Adobe CS4.
Solution
1. Click Start > In the search/run box type appwiz.cpl {enter}.
2. Locate Adobe Air > Un-install
3. You may get a warning to say some applications need Adobe Air to run don’t panic just un-install it.
4. Once its been safely removed go here and download the latest version > then install.
Related Articles, References, Credits, or External Links
Seen in the application log of a Windows Certificate Services server (Server 2012 R2)
[box]Log Name: Application
Source: Microsoft-Windows-CertificationAuthority
Date: 07/02/2015 15:55:26
Event ID: 128
Task Category: None
Level: Warning
Keywords:
User: SYSTEM
Computer: PNLPKI00v.petenetlive.com
Description:
An Authority Key Identifier was passed as part of the certificate request 29. This feature has not been enabled. To enable specifying a CA key for certificate signing, run: "certutil -setreg caUseDefinedCACertInRequest 1" and then restart the service.[/box]
Solution
The event is pretty much telling you exactly what to do to fix it! Open an elevated command prompt and enter the following commands;
[box]
certutil -setreg caUseDefinedCACertInRequest 1
net stop CertSvc
net start CertSvc
[/box]
Or you can simply open the registry editor and navigate to;
Freshly installed Exchange 2013 Server (was migrated from Exchange 2007) and it threw out this error.
Log Name: Application
Source: MSExchangeTransport
Event ID: 25006
Task Category: Configuration
Level: Error
Keywords: Classic
User: N/A
Computer: PNL-Exchange.petenetlive.net
Description:
The path to the Queue Quota component log has not been set. Queue Quota component log will not be written.
Solution
1. A quick internet search told me to check what had been set with the following commands,
[box]
Get-TransportServer |
fl Queue*
OR
Get-TransportService |
fl Queue*
[/box]
2. Above we can see three things, Get-TransportServer is a command that is going to be depreciated, there is NOTHING set for the QueueQuotaLogPath, and QueueQuotaLogEnabled is set to true (it’s turned on). Even if we use the newer syntax (below) the result is the same.
3. OK, first I created a folder on the Exchange server and tried to manually set the log path. Then I tried to set QueueQuotaLogEnabled to ‘False’ to see if that cured the problem. It would not let me do either.
Some more searching led me to find that these properties can not be changed (at the moment anyway), as they are both flagged as ‘This parameter is reserved for internal Microsoft use’.
This parameter is reserved for internal Microsoft use.
QueueQuotaLogEnabled
Optional
This parameter is reserved for internal Microsoft use.
QueueQuotaLogMaxAge
Optional
This parameter is reserved for internal Microsoft use.
QueueQuotaLogMaxDirectorySize
Optional
This parameter is reserved for internal Microsoft use.
QueueQuotaLogMaxFileSize
Optional
This parameter is reserved for internal Microsoft use.
QueueQuotaLogPath
Optional
This parameter is reserved for internal Microsoft use.
So, in typical Microsoft fashion, it looks like we will have to put up with this error, until they make those parameters editable. If that changes, send me an email (link below).
Related Articles, References, Credits, or External Links
Seen on an Exchange 2010 server, this server had previously been upgraded from Exchange 2007, and that was upgraded from Exchange 2003.
Event ID 9335
Log Name: Application
Source: MSExchangeSA
Event ID: 9335
Task Category: (13)
Level: Error
Keywords: Classic
User: N/A
Computer: ServerName
Description:
OABGen encountered error 80004005 while cleaning the offline address list public folders under
/o=org/cn=addrlists/cn=oabs/cn=Default Offline Address Book. Please make sure the public folder
database is mounted and replicas exist of the offline address list folders. No offline address
lists have been generated. Please check the event log for more information.
- Default Offline Address Book
Event ID 9331
Log Name: Application
Source: MSExchangeSA
Date: 29/08/2013 06:10:50
Event ID: 9331
Task Category: (13)
Level: Error
Keywords: Classic
User: N/A
Computer: ServerName
Description:
OABGen encountered error 80004005 (internal ID 50101f1) accessing the public folder database
while generating the offline address list for address list '/'.
- Default Offline Address Book
Solution
Note: If you don’t have any Outlook 2003 clients left in the organisation, this is a moot point. Simply disable distribution of the offline address book via public folder. (Newer Outlook clients use web based distribution.)
1. Before we do anything make sure that the offline address book has been specified, is shown on the correct server, and is set as default.
2. From the Exchange Management Console > Toolbox > Public Folder Management > system Public Folders > OFFLINE ADDRESS BOOK > Then in the center window, right click each one > Properties > Replication > The server that hosts the public folder should be in here > (In my case it was not.) > Add it in.
3. Now you can force the OAB to update with the following command;