Assume the following scenario:
- A new certificate template is to be created.
- The creation fails with the following error message:
The following template name has already been used: ADCSLaboratoryUserTest. Enter a unique template name.
Possible causes
Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.
At first glance, the error message is clear: a certificate template with this name already exists.
However, it is important to note that the certificate template management console (certtmpl.msc) displays the display name in the list view ("Template display name", in the Active Directory object in the attribute displayName The certificate template is stored under the "Template name" (mapped in the Active Directory object in the "cn" attribute).
The two fields may differ from each other. The ADSI Ediror (adsiedit.msc) provides information. Probably an object already exists which uses this "Template name" but has a different "Template display name".
It can also happen that the previous creation or deletion of an object with the same name has not yet been completely replicated. The "cn" attribute is kept in the global catalog and therefore prevents the creation of an object with the same name even before replication has taken place completely.