Citrix FAS service manual authorization request doesn’t reach CA server
Article ID: CTX225236
Updated On:
Description
Citrix Federated Authentication Service (FAS) service manual authorization request doesn’t reach Certificate Authority (CA) server.
Wireshark capture on the FAS server throws an error nca_s_fault_access_denied.
Resolution
To update the DCOM security settings for the certificate service (On Issuing CA server), run the following commands at a command prompt:
certutil -setreg SetupStatus -SETUP_DCOM_SECURITY_UPDATED_FLAG
net stop certsvc
net start certsvc
certutil -setreg SetupStatus -SETUP_DCOM_SECURITY_UPDATED_FLAG
net stop certsvc
net start certsvc
Problem Cause
DCOM security settings for the certificate service not updated.
Was this article helpful?
Yes
No
Powered by
