000018811 - To prevent installation failure if Windows NT Domain controller is not present.

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018811
Applies ToSentry CA all versions
Microsoft Windows NT 4.0
TechNote 0213
IssueTo prevent installation failure if Windows NT Domain controller is not present.
If you are installing to a computer on a network using a Windows NT Domain Controller, and you attempt to perform an installation when the network is down, the installation may fail if the user is using an account controlled by the NT Domain Controller. This installation failure occurs during the configuration of the Install Directory Server (IDS).
CauseThe problem occurs if the Administrator profile used to log on is only available via the NT Domain Controller. To create the Registry Key for IDS, access to the profile is required. If the profile cannot be accessed, the installation aborts.
ResolutionTo perform an installation when the network is down, you must use an administrative account that is controlled by the local machine. Rather than one that is controlled by an NT Domain Controller.
To perform an installation of Sentry CA when the network is down:
 1. Run the NT 4.0 User Manager program located at: \winnt\system32\usrmgr.exe
 2. Select the menu item: User -> Select Domain
 3. Enter the name of the local computer. From this local domain user listing, create an account and profile that has local Administrative access.
 4. Log out and log in locally to Windows NT using the new user account.
 5. Begin the installation procedure as described in the Sentry CA Administrator's guide.
 6. On the second page of the web-based phase of the installation (where the ports and mail server are specified) clear the checkbox with the title: Confirm that SMTP server is reachable.
 7. To make this installation available from the normal Network Domain User Account, when the Domain Controller is again available, you must export the Client Administrative Certificate from the browser to a file.
 8. When the Domain Controller is available, log in using the normal account and import the Client Administrative Certificate into the browser to gain administrative access to the installation. When Domain Controller network access can be established, the installation is made available to anyone who has access to the Client Administrative Certificate file stored on the hard disk.
Legacy Article IDa3605