Hi,
I am using PSPKI Version 3.1. When running the following command, I get an error.
__Command:__
Connect-CertificationAuthority -ComputerName <servername>.<domain1>.com
__Error:__
New-Object : Exception calling ".ctor" with "1" argument(s): "CCertConfig::GetField: The parameter is incorrect. 0x80070057 (WIN32: 87 ERROR_INVALID_PARAMETER)"
At C:\windows\system32\WindowsPowerShell\v1.0\Modules\pspki\Server\Connect-CertificationAuthority.ps1:13 char:4
New-Object PKI.CertificateServices.CertificateAuthority $CName
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CategoryInfo : InvalidOperation: (:) [New-Object], MethodInvocationException
FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand
We have two domains. There is two way trust connection in both the domains. The server is on Domain 1.
What I have observed so far is:
If I log in with Domain 1, it's working fine.
However, If I am logged in Domain 2, I am getting the above error.
I believe the reason of the error is, when I log in with Domain 2 by default my ADForest is of Domain 2.
I can't find a way to switch the ADForest to Domain 1. I can't find any switch with 'Connect-CertificationAuthority' similar to Get-ADUser that can specify which domain it should refer.
Any help with this would be appreciated.
Thanks!!
Comments: Are these domains members of the same forest? Or they belong to different forests?
I am using PSPKI Version 3.1. When running the following command, I get an error.
__Command:__
Connect-CertificationAuthority -ComputerName <servername>.<domain1>.com
__Error:__
New-Object : Exception calling ".ctor" with "1" argument(s): "CCertConfig::GetField: The parameter is incorrect. 0x80070057 (WIN32: 87 ERROR_INVALID_PARAMETER)"
At C:\windows\system32\WindowsPowerShell\v1.0\Modules\pspki\Server\Connect-CertificationAuthority.ps1:13 char:4
New-Object PKI.CertificateServices.CertificateAuthority $CName
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CategoryInfo : InvalidOperation: (:) [New-Object], MethodInvocationException
FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand
We have two domains. There is two way trust connection in both the domains. The server is on Domain 1.
What I have observed so far is:
If I log in with Domain 1, it's working fine.
However, If I am logged in Domain 2, I am getting the above error.
I believe the reason of the error is, when I log in with Domain 2 by default my ADForest is of Domain 2.
I can't find a way to switch the ADForest to Domain 1. I can't find any switch with 'Connect-CertificationAuthority' similar to Get-ADUser that can specify which domain it should refer.
Any help with this would be appreciated.
Thanks!!
Comments: Are these domains members of the same forest? Or they belong to different forests?