You have a server named Server1 that runs Windows Server 2012 R2. From Server Manager, you install the Active Directory Certificate Services server role on Server1. A domain administrator named Admin1 logs on to Server1.
When Admin1 runs the Certification Authority console, Admin1 receive the following error message.
You need to ensure that when Admin1 opens the Certification Authority console on Server1, the error message does not appear.
What should you do?
A . Install the Active Directory Certificate Services (AD CS) tools.
B . Run the regsvr32.exe command.
C . Modify the PATH system variable.
D . Configure the Active Directory Certificate Services server role from Server Manager.
E . Run the Install-AdcsCertificationAuthority cmdlet.
F . Add Admin1 to the Cert Publishers group.
G . Add Admin1to the Enterprise Admins group.
Answer: D
Explanation:
The error message is related to missing role configuration.
* Cannot Manage Active Directory Certificate Services
Resolution: configure the two Certification Authority and Certification Authority Web Enrollment Roles:
Active Directory Certificate Services (AD CS) is an Active Directory tool that lets administrators customize services in order to issue and manage public key certificates.
AD CS included:
CA Web enrollment – connects users to a CA with a Web browser
Certification authorities (CAs) – manages certificate validation and issues certificates
Etc.
Incorrect Answers:
A, E. The CA is installed, it just need to be configured correctly.
Note: Install-AdcsCertificationAuthority
The Install-AdcsCertificationAuthority cmdlet performs installation and configuration of the AD CS CA role service.
References: Cannot manage Active Directory Certificate Services in Server 2012 Error 0x800070002; Active Directory Certificate Services (AD CS) Definition
http://searchwindowsserver.techtarget.com/definition/Active-Directory-Certificate-Services-AD-CS
Leave a Reply