Assume the following scenario:
- For the first time, a certification authority (Enterprise Certification Authority) integrated into Active Directory is to be installed in the network.
- The rights to install the certificate authority have been delegated to a separate security group or account for security reasons, so no Enterprise Administrator login is required. Put another way: The user used is not a member of the Enterprise Administrators group in the Active Directory forest.
- Since this is the first certification authority in the network, no Standard certificate templates installed in the Active Directory. When opening the certificate template management console (certtmpl.msc), one is prompted to install it.
- The installation fails with the following error message:
Windows could not install the new certificate templates. This security ID may not be assigned as the owner of this object.Continue reading „Die Installation der Standard-Zertifikatvorlagen schlägt fehl mit Fehlermeldung „This security ID may not be assigned as the owner of this object.““