Assume the following scenario:
- An NDES server is configured on the network.
- When accessing the NDES application web page (mscep) and the NDES administration web page (certsrv/mscep_admin), HTTP error 500 (Internal Server Error) is reported with error code 0x80004005.
- The events are No. 2 and No. 8 stored in the application event log:
The Network Device Enrollment Service cannot be started (0x80004005). Unspecified error
The Network Device Enrollment Service (NDES) provides a way for devices that do not have an identifier in Active Directory (for example, network devices such as routers, switches, printers, thin clients, or smartphones and tablets) to request certificates from a certification authority. For a more detailed description, see the article "Network Device Enrollment Service (NDES) Basics„.
The Network Device Enrollment Service cannot retrieve information about the certification authority (0x80004005). Unspecified error
Possible cause: missing firewall rules
The error occurs, among other things, when the NDES server cannot communicate with the certification authority over the network. In this case, calling the mscep page also takes an unusually long time.
| Network protocol | Destination port | Protocol |
|---|---|---|
| TCP | 135 | RPC Endpoint Mapper |
| TCP | 49152-65535 | RPC dynamic ports |
Possible cause: missing permissions
The error also occurs if the service account under which NDES is running does not have the "Access this Computer from the network" permission on the certificate authority.
English 
Deutsch
3 thoughts on “Der Registrierungsdienst für Netzwerkgeräte (NDES) protokolliert die Fehlermeldung „The Network Device Enrollment Service cannot be started (0x80004005). Unspecified error“”
Comments are closed.