Details of the event with ID 21 of the source Microsoft-Windows-CertificationAuthority

Event Source:Microsoft-Windows-CertificationAuthority
Event ID:21 (0x15)
Event log:Application
Event type:Error
Symbolic Name:MSG_E_PROCESS_REQUEST_FAILED
Event text (English):Active Directory Certificate Services could not process request %1 due to an error: %2. The request was for %3.
Event text (German):The request %1 could not be executed due to an error: %2. The request was for %3.

Parameter

The parameters contained in the event text are filled with the following fields:

  • %1: RequestId (win:UnicodeString)
  • %2: ErrorCode (win:UnicodeString)
  • %3: SubjectName (win:UnicodeString)

Example events

Active Directory Certificate Services could not process request 769 due to an error: The operation is denied. It can only be performed by a certificate manager that is allowed to manage certificates for the current requester. 0x80094009 (-2146877431 CERTSRV_E_RESTRICTEDOFFICER).  The request was for INTRA\Administrator.
Active Directory Certificate Services could not process request 12345 due to an error: The request's current status does not allow this operation. 0x80094003 (-2146877437 CERTSRV_E_BAD_REQUESTSTATUS). The request was for CN=Rudi Ratlos.
Active Directory Certificate Services could not process request 547858 due to an error: The requested property value is empty. 0x80094004 (-2146877436 CERTSRV_E_PROPERTY_EMPTY).  The request was for CN=Rudi Ratlos.
Active Directory Certificate Services could not process request 7398 due to an error: Disk IO error 0x0 (WIN32: 0).  The request was for INTRA\CLIENT1$.

Description

Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.

The operation is denied. It can only be performed by a certificate manager that is allowed to manage certificates for the current requester. 0x80094009 (-2146877431 CERTSRV_E_RESTRICTEDOFFICER).

Occurs when the request for a certificate was made through the Enroll on Behalf of (EOBO) mechanism by a certificate enrollment agent, who has no authorization for the user in question.

The request's current status does not allow this operation. 0x80094003 (-2146877437 CERTSRV_E_BAD_REQUESTSTATUS)

Probably occurs when too many simultaneous certificate requests are made to the certification authority. The underlying problem seems to lie here in the DCOM interface.

Safety assessment

The security assessment is based on the three dimensions of confidentiality, integrity and availability.

In the case of an unauthorized application, a closer investigation should definitely be made, as this may be an attempted attack.

Microsoft rating

Microsoft evaluates this event in the Securing Public Key Infrastructure (PKI) Whitepaper with a severity score of "Low".

Related links:

External sources

en_USEnglish