Collection Rule for event with source CertificationAuthority and ID 104 Rule

  • ID:  Microsoft.Windows.CertificateServices.CARole.6.2.CertSvcEvents.104
  • Description:  Active Directory Certificate Services published certificate.
  • Target:  Certificate Service (2012)
  • Enabled:  On Essential Monitoring

Run As Profiles

Name
Default

Rule Knowledgebase

Summary

Chain or path validation is the process by which end-entity (user or computer) certificates and all certification authority (CA) certificates are processed hierarchically until the certificate chain terminates at a trusted, self-signed certificate. Typically, this is a root CA certificate. Active Directory Certificate Services (AD CS) startup can fail if there are problems with availability, validity, and chain validation for the CA certificate.

Causes
This rule does not contain any causes.
Resolutions

AD CS published a CA certificate to Active Directory Domain Services

This behavior is by design.

Active Directory Certificate Services (AD CS) published the specified certification authority (CA) certificate to Active Directory Domain Services (AD DS).

This warning indicates that AD CS republished the CA certificate to AD DS because the certificate was not found in the AIA container (CN=AIA,CN=Public Key Services,CN=Services,DC=contoso,DC=com) in AD DS.

External References
This rule does not contain any external references.

See Also for Active Directory Certificate Services Management Pack


Downloads for Active Directory Certificate Services Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED