Publishing to Active Directory Does Not Work on a Stale LDAP Connection (281512)


The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
This article was previously published under Q281512

SYMPTOMS

If you use Windows 2000 and Certificate Server (which is included with Microsoft Internet Information Services 5.0), publishing certificates to Active Directory may not work if the domain controller to which Certificate Server is bound is restarted.

CAUSE

Certificate Server follows a typical process of discovering and binding to the closest domain controller by using Lightweight Directory Access Protocol (LDAP). If the domain controller is restarted, Certificate Server does not bind again to that domain controller when it comes back online. Stopping and restarting the Certificate service causes that service to bind again to the domain controller, and publishing succeeds.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

The English version of this fix should have the following file attributes or later: 
   Date         Time      Version        Size     File name
   ---------------------------------------------------------
   27-Mar-2001  19:56:16  5.0.2195.3418  142,096  Certcli.dll
   27-Mar-2001  19:56:16  5.0.2195.3418  277,264  Certmmc.dll
   27-Mar-2001  19:56:16  5.0.2195.3418  222,480  Certocm.dll
   27-Mar-2001  19:56:16  5.0.2195.3418  63,760   Certpdef.dll
   27-Mar-2001  19:45:06  5.0.2195.3418  117,008  Certsrv.exe
   27-Mar-2001  19:45:20  5.0.2195.3418  226,576  Certutil.exe
   27-Mar-2001  19:56:16  5.0.2195.3418  40,720   Certxds.dll

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 3.

MORE INFORMATION

For additional information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the article number below to view the article in the Microsoft Knowledge Base:

249149 Installing Microsoft Windows 2000 and Windows 2000 Hotfixes

Modification Type:MinorLast Reviewed:9/26/2005
Keywords:kbHotfixServer kbQFE kbbug kbfix kbSecurity kbWin2000PreSP3Fix kbWin2000sp3fix KB281512
©2004 Microsoft Corporation. All rights reserved.