Event ID - 92

Event Id92
SourceMicrosoft-Windows-CertificationAuthority
DescriptionActive Directory Certificate Services could not update security permissions. %1
Event InformationAccording to Microsoft :

Cause

This event is logged when Active Directory Certificate Services could not update security permissions.

Resolution

Update security permissions with an authorized user account

Confirm that the user who tempted to update security permissions has been authorized to set permissions on Active Directory Certificate Services (AD CS) objects.

If you did not intend for the user to be blocked from modifying permissions on AD CS objects, you need to:
  • Enable auditing on the certification authority (CA).
  • Grant the user the needed CA administrator and certificate manager permissions on the CA.
  • Complete the operation as an authorized user.
To perform these procedures, you must have Manage CA permission, or you must have been delegated the appropriate authority.

Enable auditing on a CA

To enable auditing on a CA:
  1. On the computer hosting the CA, click Start, point to Administrative Tools , and click Certification Authority .
  2. Right-click the name of the CA, and click Properties .
  3. Click the Auditing tab, and click Change CA security settings .
  4. Restart the CA.
  5. Audit administrative actions on the CA for several weeks or until you are satisfied that no other attacks are likely before disabling CA auditing.
Note : To audit events, the computer must also be configured for auditing of object access. Audit policy options can be viewed and managed in local or domain Group Policy under Computer Configuration\Windows Settings\Security Settings\Local Policies.

Grant administrator and certificate manager permissions on the CA

To set CA administrator and certificate manager security permissions for a CA:
  1. On the computer hosting the CA, click Start , point to Administrative Tools , and click Certification Authority .
  2. In the console tree, click the name of the CA.
  3. On the Action menu, click Properties .
  4. Click the Security tab, and specify the security permissions.
  5. Complete the CA management operation as an authorized user.
Verify :

To perform this procedure, you must have membership in local Administrators on the computer hosting the certification authority (CA), or you must have been delegated the appropriate authority.

To confirm that the CA logon context is correct:
  1. On the computer hosting the CA, click Start , point to Administrative Tools , and click Services .
  2. Confirm that the word Started appears in the Status belong for the Active Directory Certificate Services service.
Reference LinksEvent ID 92 from Source Microsoft-Windows-CertificationAuthority

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh