| Event Id | 107 |
| Source | Microsoft-Windows-CertificationAuthority |
| Description | Active Directory Certificate Services cannot delete invalid CA certificate %1 from %2. %3. %4. |
| Event Information | According to Microsoft : Cause : This event is logged when Active Directory Certificate Services cannot delete invalid CA certificate. Resolution : Enable AD CS to delete a CA certificate from Active Directory Domain Services To enable Active Directory Certificate Services (AD CS) to delete the certification authority (CA) certificate identified in the event log message from Active Directory Domain Services (AD DS): 1.Confirm that the CA has necessary permissions to essential AD DS containers and objects. 2.Confirm that the CA certificate exists in the AIA container. 3.Confirm the status of the CA certificate. 4.After these conditions have been addressed, delete the certificate manually. Note: To perform this procedure, you must have membership in Domain Admins, or you must have been delegated the appropriate authority on the domain controller. Confirm permissions on essential AD DS containers and objects To confirm that the CA has necessary permissions on AD DS containers and objects within these containers: 1.On a domain controller, clickStart, point toAdministrative Tools, and clickActive Directory Sites and Services. 2.Click Active Directory Sites and Services [domainname] where [domainname] is the name of your domain. 3.On the View menu, clickShow Services Node. 4.Double-clickServices, double-clickPublic Key Services, and right-click each container listed below, or the objects listed within the container, and click Properties. 5.On theSecurity tab, confirm the required permissions. |
| Reference Links | Event ID 107 from Source CertificationAuthority |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.