Forum Discussion
IstvanffyZ
Oct 17, 2020Brass Contributor
NDES certificate problem
Hello,
I set up the environment used with this guide: https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert
Everything seems ok, NDES check tool (https://docs.microsoft.com/en-us/troubleshoot/mem/intune/verify-ndes-configuration) did not find any error.
However, on NDES server, C:\Program Files\Microsoft Intune\NDESPolicyModule\Logs\NDESPlugin.log shows the following errors:
Calling VerifyRequest ...
Sending request to certificate registration point...
Failed to retrieve client certificate. Error -2147024809
Exiting VerifyRequest with 0x80070057
On NDES server, Application log for NetworkDeviceEnrollmentService, doesnt show any error/warning
How next?
Thank you for your help!
KR,
Zoltan
IstvanffyZ sorry, I missed that.
From my point of view the NDES logs are not useful.
The error value 0x80070057 points to "Incorrect parameter". So it seems as if either the request is malformed or the certificate template is incorrectly configured.
- BenKrahBrass Contributor
Hi IstvanffyZ,
please use the scripts provided in the following article to verify your NDES infrastructure first:
https://docs.microsoft.com/de-de/troubleshoot/mem/intune/verify-ndes-configurationThe scripts will provide helpful output when something is not configured correctly.
The error you provided can have many causes and we do not know your environment so unfortunately helping will be difficult with only this error message. 🙂
- IstvanffyZBrass Contributor
Hello BenKrah
as you can read, I used that validation script (no error).
Is there any detailed log option about NDES server?
Kr,
Zoltan
- BenKrahBrass Contributor
IstvanffyZ sorry, I missed that.
From my point of view the NDES logs are not useful.
The error value 0x80070057 points to "Incorrect parameter". So it seems as if either the request is malformed or the certificate template is incorrectly configured.