To anyone operating in a Public Key Infrastructure environment (PKI), has anyone discovered an issue with using VSE 8.8 Patch 7? We are discovering Kerberos Windows Event log errors on both the client, and domain controller sides, stating that the certificate revocation server cannot be reached because it is offline. This is of course not true. When we revert to VSE 8.8 Patch 4, this issue goes away. When disabling VSE completely from ePO, this issue goes away, even if Patch 7 is installed.
Specifically, the domain controllers are receiving Windows Event ID 21, and the workstations are receiving Windows Event ID 9, and Event ID 8.
what do you mean by
When disabling VSE completely from ePO, this issue goes away, even if Patch 7 is installed
do you mean disabling VSE access protection or on-access scanner or completely removing vse?
When we disable, we disable it via all policy types (Access Protection, On Access, Buffer Overflow, etc). I am working on determining which piece of VSE will cause the system to break. And yes, the system will work properly when all VSE protections are disabled and P7 is installed.
if you run vse p4 on the domain controller (pki server) and vse p7 on the client side, do you have same issue? I mean receiving Windows Event ID 9, and Event ID 8