Event Source: | Microsoft-Windows-CertificateServicesClient-CertEnroll |
Event ID: | 51 (0x825A0033) |
Event log: | Application |
Event type: | Warning |
Event text (English): | Certificate enrollment for %1 for the %2 certificate must be performed under the user context. |
Event text (German): | Certificate registration for %1 for the %2 certificate must be performed in the user context. |
Parameter
The parameters contained in the event text are filled with the following fields:
- %1: Context (win:UnicodeString)
- %2: TemplateName (win:UnicodeString)
Example events
Certificate enrollment for Local system for the ADCSLaborUser certificate must be performed under the user context.
Description
Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.
This event can occur when a computer object has auto-enroll permissions for a certificate template that is intended for the user context.
This can occur, for example, if the "Authenticated Users" are used for autoenrollment in the "Security" tab of the certificate template, which also includes computer objects. It is better to use the "Domain Users" or "Domain Computers" groups.
Safety assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
No description has been written for this yet.