Dear all,

I have installed Windows Server 2003 and configured it for Smart Card Logon.
That is, the server has a Domain Controller role; and had Certificate
Services installed. The server is the Enterprise Root CA.

Everything worked for two days.

After two days, I found that the Smart Card Logon does not work. There are
two events in the System Event Log:

Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 9
Date: 3/17/2005
Time: 5:28:42 PM
User: N/A
Computer: SYSIM
Description:
The client has failed to validate the Domain Controller certificate for
sysim.imdom.local. The following error was returned from the certificate
validation process: The revocation function was unable to check revocation
because the revocation server was offline.


Event Type: Warning
Event Source: KDC
Event Category: None
Event ID: 20
Date: 3/17/2005
Time: 5:27:26 PM
User: N/A
Computer: SYSIM
Description:
The currently selected KDC certificate was once valid, but now is invalid
and no suitable replacement was found. Smartcard logon may not function
correctly if this problem is not remedied. Have the system administrator
check on the state of the domain's public key infrastructure.

Any help is appreciated. Thanks.

Services installed. The server is the Enterprise Root CA. Everything worked
for two days.  After two days, I found that the Smart Card Logon does not
work. There are two events in the System Event Log"  <snipped>

Was this domain previously renamed?

No, this is a fresh installation.

I have similar problem.
If domain WAS renamed, what it means?

Show quoteHide quote

My "wire" / not yours
Windows Server 2003 SP1
DHCP RELAY
NT 4.0 and 2003 Trust
BACKUP FROM TWO W2K3 DOMAINS
Move IIS server + net folders
Beginner has question on Windows 2003 srvr & Win2003 SBS
Slow browsing shared folder(s) after Server 2003 upgrade
guidelines for best practices of win2k3
WIN2K3 Macintosh file sharing