Forum Discussion

IstvanffyZ's avatar
IstvanffyZ
Brass Contributor
Oct 17, 2020

NDES certificate problem

Hello,

 

I set up the environment used with this guide: https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert

 

Everything seems ok, NDES check tool (https://docs.microsoft.com/en-us/troubleshoot/mem/intune/verify-ndes-configuration) did not find any error.

 

However, on NDES server, C:\Program Files\Microsoft Intune\NDESPolicyModule\Logs\NDESPlugin.log shows the following errors:

 

Calling VerifyRequest ...

Sending request to certificate registration point...

Failed to retrieve client certificate. Error -2147024809

Exiting VerifyRequest with 0x80070057

 

On NDES server, Application log for NetworkDeviceEnrollmentService, doesnt show any error/warning

 

How next?

 

Thank you for your help!

KR,

Zoltan

  • BenKrah's avatar
    BenKrah
    Oct 19, 2020

    IstvanffyZ sorry, I missed that.

     

    From my point of view the NDES logs are not useful.

    The error value 0x80070057 points to "Incorrect parameter". So it seems as if either the request is malformed or the certificate template is incorrectly configured. 

    • IstvanffyZ's avatar
      IstvanffyZ
      Brass Contributor

      Hello BenKrah 

       

      as you can read, I used that validation script (no error).

       

      Is there any detailed log option about NDES server?

       

      Kr,

      Zoltan

      • BenKrah's avatar
        BenKrah
        Brass Contributor

        IstvanffyZ sorry, I missed that.

         

        From my point of view the NDES logs are not useful.

        The error value 0x80070057 points to "Incorrect parameter". So it seems as if either the request is malformed or the certificate template is incorrectly configured. 

Resources