Details of the event with ID 34 of the source Microsoft-Windows-NetworkDeviceEnrollmentService

Author Uwe GradeneggerPosted on Categories Events, Network Device Registration Service (NDES)Tags
Event Source:Microsoft-Windows-NetworkDeviceEnrollmentService
Event ID:34 (0x22)
Event log:Application
Event type:Error
Symbolic Name:EVENT_SCEP_RA_EXPIRE
Event text (English):At least one of the certificates for the Network Device Enrollment Service has expired. Verify that both the encryption and signing certificates are valid and restart the service.
Event text (German):At least one certificate for the network device registration service has expired. Make sure that both the encryption and the signing certificates are valid and restart the service.

The Network Device Enrollment Service (NDES) provides a way for devices that do not have an identifier in Active Directory (for example, network devices such as routers, switches, printers, thin clients, or smartphones and tablets) to request certificates from a certification authority. For a more detailed description, see the article "Network Device Enrollment Service (NDES) Basics„.

Example events

At least one of the certificates for the Network Device Enrollment Service has expired. Verify that both the encryption and signing certificates are valid and restart the service.

Description

Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.

Occurs when the Registration Authority certificates for the NDES server have expired and there is no replacement. Occurs in conjunction with Event #31 on.

The solution is this, apply for new Registration Authority certificates and then restart the NDES service.

Safety assessment

The security assessment is based on the three dimensions of confidentiality, integrity and availability.

Since in most cases the Registration Authority certificates of the NDES server are requested and renewed manually, an alert should be issued in any case to avoid any impact on availability.

Related links:

External sources

One thought on “Details zum Ereignis mit ID 34 der Quelle Microsoft-Windows-NetworkDeviceEnrollmentService”

  1. Pingback: Details about the event with ID 31 of the source Microsoft-Windows-NetworkDeviceEnrollmentService - Uwe Gradenegger

Comments are closed.

en_USEnglish
de_DEDeutsch en_USEnglish