Article ID: 305193 - View products that this article applies to.
This article was previously published under Q305193
If you try to subordinate an Enterprise Certificate Authority (CA) to a standalone root CA, and the configuration is such that the root CA is installed on a member server or domain controller in the parent domain and the Enterprise CA is installed in a child domain, you receive the following error message:
If you use the Certutil.exe tool to parse this error message, you receive the following information:
An error was detected while configuring Certificate Services. The Certificate Services Wizard will need to be rerun to complete the configuration. Certificate Services Setup failed with the following error: The parameter is incorrect. 0x80070057 (WIN32: 87)
0x80070057 (WIN32: 87) -- 2147942487 (-2147024809)
Error message text: The parameter is incorrect.
When you install an Enterprise CA, a security check is performed to determine one of two things:
Error code: LDAP_CONSTRAINT_VIOLATION
Descriptions: There was a constraint violation.
Grant the SeRestorePrivilege user right directly to the user account that is performing the Enterprise CA installation. Or, assign this right to the Enterprise Administrators group.
Contact us for more help
Connect with Answer Desk for expert help.