Dear Experts, I have set up a test environment where I have a Microsoft enterprise CA running on server 2008 R2. On that same machine, I have installed the Web Enrollment role. I can publish this to our SA4500 SSL/VPN and everything works great. However, in production, Security made us Separate the Web Enrollment from the backend enterprise CA server. I have everything working from internal workstations with this configuration. Users can request and receive certs from the web enrollment page without issues. However, when I publish the production Web enrollment page on the juniper and attempt to request a certificate, I get the following error: Contact your administrator for further assistance. Request Mode: newreq - New Request Disposition: (never set) Disposition message: (none) Result: The RPC server is unavailable. 0x800706ba (WIN32: 1722) COM Error Info: CCertRequest::Submit: The RPC server is unavailable. 0x800706ba (WIN32: 1722) LastStatus: The operation completed successfully. 0x0 (WIN32: 0) Suggested Cause: This error can occur if the Certification Authority Service has not been started. Does anyone know how to fix this? Note that I have already installed the re-writing filter mentioned in this article: http://kb.pulsesecure.net/InfoCenter/index?page=content&id=KB16368&cat=SSL_VPN_IVE_OS&actp=LIST&smlogin=true Thanks! Steve _
... View more
More investigation helped me find the easy workaround. UAC is a strange bird. Sometimes it pops up, and asks for what you think are administrator credentials, but allows you to type the current non-admin ones and it works. That seems to be the case here. For now, I guess our users can use WSAM if they retype their credentials each time they launch it. It still seems like a waste of time and will definetely generate support calls, but at least they can work. If someone knows a way to get rid of this popup all together, I would love to hear it.
... View more