| Event Id | 13 |
| Source | AutoEnrollment |
| Description | Automatic certificate enrollment for |
| Event Information | According to Microsoft, Cause: If a user tries to enroll for certificates from a Windows Server 2003 Enterprise Edition certification authority (CA) and the Include e-mail name in subject name option is selected on the template, the user cannot enroll. This problem occurs because the e-mail address is not defined in the Active Directory account of the user who is trying to enroll. The LDAP mail attribute is missing from the Active Directory user account. Resolution: To resolve this problem, use Active Directory Users and Computers to define the mail attribute on the user account. To do so, follow these steps on a domain controller or a workstation that has the Active Directory administrative tools installed: 1. Click Start , click Run, type dsa.msc, and then click OK. 2. In Active Directory, right-click the user account, and then click Properties. 3. Type the user e-mail address in the E-mail box. 4. Click OK. |
| Reference Links | Troubleshooting (Certificate Autoenrollment in Windows Server 2003) Description of the changes to DCOM security settings after you install Windows Server 2003 Service Pack 1 Users Cannot Enroll for a Certificate When the Include E-mail Name in Subject Name Option Is Selected on the Template Windows Operating System (autoenrollment) Certificate Autoenrollment in Windows XP |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.