JSI Tip 4555. Windows XP Autoenrollment cannot reach an Active Directory domain controller?

Event ID 15 is logged every 8 hours in the Application event log:

Event Type: Error 
Event Source: AutoEnrollment 
Event Category: None 
Event ID: 15 
Date: date
Time: time
User: N/A 
Computer: computer name
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).
             The specified domain either does not exist or could not be contacted. Enrollment will not be performed.
If your Windows XP is a member of a Windows NT 4.0 domain, the is no Active Directory.

If Windows XP is joined to a Windows NT 4.0 domain:

1. Start / run / gpedit.msc / Enter.

2. Navigate to Computer Configuration / Windows Settings / Security Settings / Public Key Policies.

3. Double-click Autoenrollment Settings.

4. Select Do not enroll certificates automatically.

5. Press OK.

6. Close the Group Policy window.

If your Windows XP is a member of a Windows 2000 or later domain:

1. Control Panel / Network Connections / Local Area Connection / Properties.

2. Insure that the correct DNS address is entered into the Preferred DNS server box.

3. Press OK.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.