Guest Billy Posted May 8, 2008 Posted May 8, 2008 Hello All, I hope you can help: I keep seeing errors when I setup a Enterprise CA. The Certsvc request is configured in component services to utilize port 2000 (lets say), and rpc ports are restricted to a range of ports. (usually 100 ports are allocated). However, The CA process is usually found on a port in the rpc range instead of being on the port specifically allocated to it (2000). This causes Autoenrollment of certificates to not occur unless i reset the configuration in component services to default. Upon further investigation, i found that the DHCP server service loves to grab the 2000 port, and this then forces forces the CA service to take a port within the rpc range. The question becomes: Can I force the CA to always grab port 2000 before anything else takes it? thanks in advance. Quote
Guest Brian Komar \(MVP\) Posted May 8, 2008 Posted May 8, 2008 why are you changing the default configuration? What risk are you trying to mitigate. You mention that the configuration works when running in the default configuration. Why change something that works? Brian "Billy" <BillyRycroft@gmail.com> wrote in message news:15244f4b-f4fb-4be3-ad67-ccb71c093d44@r66g2000hsg.googlegroups.com...<span style="color:blue"> > Hello All, > I hope you can help: > > I keep seeing errors when I setup a Enterprise CA. The Certsvc > request > is configured in component services to utilize port 2000 (lets say), > and rpc ports are restricted to a range of ports. (usually 100 > ports are allocated). However, The CA process is usually found on a > port in the rpc range > instead of being on the port specifically allocated to it (2000). > > > This causes Autoenrollment of certificates to not occur unless i > reset > the configuration in component services to default. > > > Upon further investigation, i found that the DHCP server service > loves > to > grab the 2000 port, and this then forces forces the CA service to > take a port within the rpc range. The > question becomes: Can I force the CA to always grab port 2000 before > anything else takes it? > > > thanks in advance. > > </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.