Error When Performing Post-Deployment Tasks after Installing Active Directory Certificate Services on Server 2019

Andy Baker 0 Reputation points

After adding the Active Directory Certificate Services>Certificate Authority role on Server 2019 Standard, I cannot complete the post-deployment tasks. As soon as I enter credentials with the appropriate permissions, I receive this error message.

Active Directory Certificate Services setup failed with the following error: The parameter is incorrect. 0x80070057. (Win32: 87 Error_Invalid_Parameter)

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,802 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Wesley Li 4,125 Reputation points


    The error message you’re seeing, “The parameter is incorrect. 0x80070057. (Win32: 87 Error_Invalid_Parameter)”, There are two main reasons for this error:

    Role Misconfiguration: If you’ve added the Active Directory Domain Services role but haven’t promoted the server to a domain controller, this could be causing the issue. If you do not intend for the server to be a domain controller for the domain, then you should remove the AD DS role. If you only want to manage the domain from the server, then you only need to add the AD DS Role Administration Tools.

    Group Policy Settings: This behavior can occur if your environment has the “Log on as a Service” Group Policy setting configured. While the Post-Deployment Configuration task is running, the Windows Server Essentials Management Service is configured to use the ServerAdmin$ account to log on as a service and perform the task. After the Essentials Configurations are complete, the service is configured to use the Local System account.

    0 comments No comments