Event Id | 46 |
Source | CertSvc |
Description | The "Enterprise and Stand-alone Exit Module" Exit Module "Notify" method returned an error. The operation could not be completed. A retry should be performed. The returned status code is 0x800704d5 (1237). The Certification Authority was unable to publish the CRL to the Directory Service. Publishing will be retried at a later time. Access is denied. (0x80070005). |
Event Information | CAUSE:
This problem can occur if the CA caches a damaged LDAP handle to the DC that was the LDAP distribution-point URL target. Initially, the CA connected to the CRL distribution point, and then cached that LDAP handle. If the DC then unexpectedly becomes unavailable, the CA was left with a cached LDAP handle, and this cached handle is invalid when the DC becomes available again. As a result of this, CRL publication requests are denied. RESOLUTION: To work around this problem: Force the CA to flush the bad handle to cause a new binding to be established. Note that you can usually work around this problem if you stop and then restart the Certificate services on the affected CA. Manually publish the CRL after you restart the service. |
Reference Links | Certification Authority Does Not Publish Certificate Revocation List to Active Directory |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.