| Event Source: | Microsoft-Windows-EnrollmentPolicyWebService |
| Event ID: | 9 (0x9) |
| Event log: | Microsoft-Windows-EnrollmentPolicyWebService/Admin |
| Event type: | Error |
| Event text (English): | The Active Directory certificate enrollment policy provider failed to obtain policy information from Active Directory Domain Services (AD DS). The provider will attempt to read the information again in %1 milliseconds. If the problem persists, enable tracing in the web.config file, enable logging by using "certutil -setreg debug 0xffffffe3", restart IIS by using iisreset.exe, attempt to obtain policy information from any client, and then contact Microsoft Customer Service and Support with the information in the trace files and certenroll.log file. %2 |
| Event text (German): | The Active Directory certificate enrollment policy provider could not retrieve the policy information from Active Directory Domain Services. In "%1" milliseconds, it tries to read the information again. If the problem persists, enable tracing in the web.config file, enable logging by using certutil -setreg debug 0xffffffe3, restart IIS, retrieve policy information from any client, and then contact Microsoft Customer Service and Support with the information in the tracing files and the certenroll.log file. %2 |
Parameter
The parameters contained in the event text are filled with the following fields:
- %1: RetryIntervalMs (win:Int32)
- %2: Error (win:Int32)
The Certificate Enrollment Web Services (Certificate Enrollment Policy Web Service, CEP, and Certificate Enrollment Web Service, CES) enable the automatic request and renewal of certificates from a certification authority via a Web-based interface. This eliminates the need to contact the certification authority directly via Remote Procedure Call (RPC). For a more detailed description, see the article "Certificate request basics via Certificate Enrollment Web Services (CEP, CES)„.
Example events
The Active Directory certificate enrollment policy provider failed to obtain policy information from Active Directory Domain Services (AD DS). The provider will attempt to read the information again in 1800000 milliseconds. If the problem persists, enable tracing in the web.config file, enable logging by using "certutil -setreg debug 0xffffffe3", restart IIS by using iisreset.exe, attempt to obtain policy information from any client, and then contact Microsoft Customer Service and Support with the information in the trace files and certenroll.log file. A directory service error has occurred.
Description
No description has been written for this yet.
Safety assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
No description has been written for this yet.
English 
Deutsch