AEP enrollment object not showing in Windows 2008
Originally Published: 2013-09-23
Article Number
Applies To
Fedora Auto Enrollment Proxy (AEP)
Microsoft Windows Server 2008
Issue
SYMPTOM #1:
When following the instructions in the RCM Windows PKI admin guide to set up AEP on Windows 2008 server, the enrollment object that is created in the forest root Configuration Context (when the ?Populate AD? button is clicked in the AEP options dialog) is not visible as a valid Certification Authority. Thus you can not request certificates using that object. Any certificate templates that are assigned to that object will not be valid certificate templates for enrollment.
SYMPTOM #2:
Another symptom that you may observe is that certificate templates which were explicitly assigned to the RHCS (Red Hat Certificate System) enrollment object do not function for enrollment.
Cause
For the second symptom, since the RCM Windows PKI admin guide requires that Microsoft Certificate Services be installed on the AEP host, the Microsoft Certificate Services installation creates an enrollment object in the forest root Configuration Context as well. If the 'displayName' attribute is not set as above for the RHCS enrollment object, only templates that are assigned to the Microsoft Certificate Services object that was created will be available.
Resolution
As a workaround, populate the 'displayName' of the enrollment object using ADSI Edit with a descriptive name:
=> ADSI Edit
=> Configuration [hostname.domain.net]
=> 'CN=Configuration,DC=domain,DC=net'
=> 'CN=Services'
=> 'CN=Public Key Services'
=> 'CN=Enrollment Services'
=> 'CN=Red Hat Certificate System Proxy'
=> update 'displayName' attribute with a descriptive name, such as 'RCM Win2k8 CA' or 'AEP Proxy'.
Notes
Related Articles
RSA Identity Management and Governance Group Access is not shown under the account popup screen for users Number of Views ClassNotFoundException: com.aveksa.migration.db.password.ViewPasswordSettingMigrator while installing a patch in RSA Gover… Number of Views System down with Initialization Status 'ORA-06502: PL/SQL:numeric or value error: raw variable length too long' error afte… Number of Views Entitlements manually added when an Application has 'Complete Manual Activity Before Collection' enabled do not show in th… Number of Views 8.5P4 linux webtier shows online-reinstall required Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA announces the availability of the RSA SecurID Hardware Appliance 230 based on the Dell PowerEdge R240 Server How to troubleshoot Oracle database ORA-04030 errors in RSA Identity Governance & Lifecycle RSA Authentication Manager Upgrade Process Microsoft SQL Server Collectors can no longer connect to the SQL Server database after upgrade to Microsoft SQL Server 201…
Don't see what you're looking for?
