Microsoft-Windows-NetworkDeviceEnrollmentService

Description

The Network Device Enrollment Service started successfully.

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-NetworkDeviceEnrollmentService",
    "guid": "{73144342-19d1-47a4-94de-d38e6a054ad5}",
    "event_source_name": "",
    "event_id": 1,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-05-09 21:30:11.004738+00:00",
    "event_record_id": 210,
    "correlation": {
      "ActivityID": "",
      "RelatedActivityID": ""
    },
    "execution": {
      "process_id": 6500,
      "thread_id": 6016
    },
    "channel": "Application",
    "computer": "EX-NDES.ludus.domain",
    "security": {
      "user_id": "S-1-5-21-1006758700-2167138679-1475694448-1105"
    }
  },
  "event_data": {},
  "message": ""
}

Description

The Network Device Enrollment Service cannot be started (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service has been stopped.

Description

The Network Device Enrollment Service cannot be stopped (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot provide its password because the user does not have Enroll permissions on the configured certificate template, or the certification authority is not enabled to issue certificates based on the configured certificate template.

Description

The Network Device Enrollment Service failed to return the certification authority certificate(s) to the caller (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot retrieve information about the certification authority (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot retrieve the certification authority certificate (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot retrieve one of its required certificates (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service received an http message without the "Operation" tag, or with an invalid "Operation" tag.

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-NetworkDeviceEnrollmentService",
    "guid": "{73144342-19d1-47a4-94de-d38e6a054ad5}",
    "event_source_name": "",
    "event_id": 11,
    "version": 0,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-05-09 21:30:15.347746+00:00",
    "event_record_id": 211,
    "correlation": {
      "ActivityID": "",
      "RelatedActivityID": ""
    },
    "execution": {
      "process_id": 6500,
      "thread_id": 6016
    },
    "channel": "Application",
    "computer": "EX-NDES.ludus.domain",
    "security": {
      "user_id": "S-1-5-17"
    }
  },
  "event_data": {},
  "message": ""
}

Description

The Network Device Enrollment Service received an http request without the "Message" tag (or request body for POSTPKIOperation).

Description

The Network Device Enrollment Service cannot encrypt the response to a client request (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot sign the response to a client request (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot convert encoded portions of the client's http message (or request body for POSTPKIOperation), or the converted message (or request body for POSTPKIOperation) is larger than 64K (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot decode the http message from the client (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot retrieve required information, such as the transaction ID, message type, or signing certificate, from the client's PKCS7 message (ErrorCode). ErrorMessage

Fields #

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-NetworkDeviceEnrollmentService",
    "guid": "{73144342-19d1-47a4-94de-d38e6a054ad5}",
    "event_source_name": "",
    "event_id": 17,
    "version": 0,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-05-09 21:30:15.349075+00:00",
    "event_record_id": 212,
    "correlation": {
      "ActivityID": "",
      "RelatedActivityID": ""
    },
    "execution": {
      "process_id": 6500,
      "thread_id": 2788
    },
    "channel": "Application",
    "computer": "EX-NDES.ludus.domain",
    "security": {
      "user_id": "S-1-5-21-1006758700-2167138679-1475694448-1105"
    }
  },
  "event_data": {
    "ErrorCode": "0x8009310b",
    "ErrorMessage": "ASN1 bad tag value met.\n"
  },
  "message": ""
}

Description

The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service failed trying to retrieve a certificate from the certification authority (CA). Verify that the CA service is running. Use the Certification Authority management console to verify that the Network Device Enrollment Service account has Read permissions on the CA service. Verify that the serial number specified in the GETCERT request is correct, and that the CA service has successfully created a certificate with the specified serial number. The error returned was (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot complete the PKCS7 request (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot find the issuer name or serial number in the client's PKCS7 message (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot locate a valid certificate request ID that matches the transaction ID in the client's PKCS7 message (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service was not able to query the certification authority (CA) for a previously submitted device certificate request. Verify that the CA service is running and that the Network Device Enrollment Service account has Read permission on the CA service. Use the Certification Authority management console to verify the permissions on the CA service. The error returned was (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot locate a required password in the certificate request. Either a password must be present in the certificate request or the certificate request should be signed with a valid signing certificate. The signing certificate must chain up to a trusted root in the Enterprise store. The signing certificate and the certificate request must have the same subject name or subject alternate name.

Description

The password in the certificate request cannot be verified. It may have been used already. Obtain a new password to submit with this request.

Description

The Network Device Enrollment Service cannot add an alternative subject name extension to the certificate request (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot submit the certificate request (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot retrieve the certificate identified by this request ID (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service failed to cache this certificate ID and transaction ID (ErrorCode). ErrorMessage

Fields #

Description

At least one of the certificates for the Network Device Enrollment Service has expired. Verify that both the encryption and signing certificates are valid and restart the service.

Description

At least one of the certificates for the Network Device Enrollment Service will expire soon. Check the validity period for both the encryption and signing certificates. Renew any certificates that are nearing the end of their validity period and restart the service.

Description

The Network Device Enrollment Service failed while attempting to write the header portion of an http response (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service failed while attempting to write the data portion of an http response (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service detected an invalid message type in the client's PKCS7 message.

Description

The Network Device Enrollment Service cannot find key usage information in the certificate request and will use both the Signature and Exchange key usages.

Description

The Network Device Enrollment Service cannot issue a password because the requester is not an administrator of this computer.

Description

The Network Device Enrollment Service cannot decode an X509 certificate request.

Description

This password has already been used to request a (KeyUsage) certificate. Only one signing certificate and one exchange certificate can be issued per password. Obtain a new password to use with this request, or create a new request with a different key usage and the same password, then try again.

Fields #

Description

The Network Device Enrollment Service cannot obtain the certificate revocation list (CRL) for key KeyId from the certification authority. Verify that the CA service is running, the Network Device Enrollment Service account has Read permission on the CA service, and the CA service has successfully created the latest CRL. Use the Certification Authority management console to verify the permissions on the CA service. Use the command: Certutil -config "ConfigString" -cainfo crl KeyId2 to verify that the CA service has created the latest CRL. The error returned was (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service cannot match the issuer name and serial number in the device request to any certification authority (CA) certificate. Verify that the device request contains the correct CA certificate information, then resubmit the request.

Description

The Network Device Enrollment Service failed to load the hash algorithm specified at location Location. Use the command "certutil -v -csplist" to verify that the computer on which the Network Device Enrollment Service is installed supports the hash algorithm specified. Near the end of the command output, look for the section labeled "Hash Algorithms". If the algorithm specified in the registry is not listed, configure a different hash algorithm in the registry. The error returned was (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service loaded the Registration Authority (RA) key exchange certificate with serial number SerialNumber from the "Store" store.

Fields #

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-NetworkDeviceEnrollmentService",
    "guid": "{73144342-19d1-47a4-94de-d38e6a054ad5}",
    "event_source_name": "",
    "event_id": 47,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-05-09 21:30:11.004557+00:00",
    "event_record_id": 208,
    "correlation": {
      "ActivityID": "",
      "RelatedActivityID": ""
    },
    "execution": {
      "process_id": 6500,
      "thread_id": 6016
    },
    "channel": "Application",
    "computer": "EX-NDES.ludus.domain",
    "security": {
      "user_id": "S-1-5-21-1006758700-2167138679-1475694448-1105"
    }
  },
  "event_data": {
    "SerialNumber": "3500000004c5670a8abd37747b000000000004",
    "Store": "MY"
  },
  "message": ""
}

Description

The Network Device Enrollment Service loaded the Registration Authority (RA) signature certificate with serial number SerialNumber from the "Store" store.

Fields #

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-NetworkDeviceEnrollmentService",
    "guid": "{73144342-19d1-47a4-94de-d38e6a054ad5}",
    "event_source_name": "",
    "event_id": 48,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-05-09 21:30:11.004559+00:00",
    "event_record_id": 209,
    "correlation": {
      "ActivityID": "",
      "RelatedActivityID": ""
    },
    "execution": {
      "process_id": 6500,
      "thread_id": 6016
    },
    "channel": "Application",
    "computer": "EX-NDES.ludus.domain",
    "security": {
      "user_id": "S-1-5-21-1006758700-2167138679-1475694448-1105"
    }
  },
  "event_data": {
    "SerialNumber": "35000000036702351e5ab58e82000000000003",
    "Store": "MY"
  },
  "message": ""
}

Description

The Network Device Enrollment Service has failed to decrypt the encrypted password or the decrypted password's length doesn't match the one configured in the registry. To fix this, delete the EncryptedPassword entry in the registry.

Description

The Network Device Enrollment Service is working in single password mode. The password can be used multiple times and will not expire.

Description

The Network Device Enrollment Service cannot create or modify the registry key "RegSubKey." Grant Read and Write permissions on the registry key "RegKey" to the account that the Network Device Enrollment Service is running as.

Fields #

Description

The Network Device Enrollment Service policy module was started successfully.

Description

The Network Device Enrollment Service policy module could not be started (ErrorCode). ErrorMessage

Fields #

Description

The Network Device Enrollment Service policy module was stopped successfully.

Description

The Network Device Enrollment Service policy module could not be stopped (ErrorCode). ErrorMessage

Fields #