Forum Discussion

Julius Diernhofer's avatar
Julius Diernhofer
Tin Contributor
Oct 15, 2018

Connect a second NDES server to enterprise CA

In preparation of the migration of our ~4500 MDM-devices from SCCM-Intune-Hybrid to Intune SA, I am trying to install a second NDES-server to be able to test and provide feature-parity before moving the first users.

Anyone has an idea how to do so? 

Always get an error (during NDES setup wizard) stating, that the "endpoint is a duplicate".

The same error can be found on the CA in the eventlog, but in my opinion, it should be able to connect to a CA from two servers, even as I use different system-users and also created a new cert-template for this purpos.

 

Any thoughts on this are appreciated

 

Thanks in advance

 

Julius

1 Reply

  • Hi Julius, yes, multiple NDES servers can be used, but the duplicate endpoint error usually means something in the NDES, CEP, or CES registration is colliding with the existing configuration. I’d use a separate service account, confirm the SPNs are unique, verify the certificate templates and permissions, and make sure the second NDES server is not trying to register the exact same enrollment endpoint identity. The CA event logs are also worth checking closely because they usually point to the object or endpoint being treated as duplicate.