Troubleshooting FIM CM: Viewing the Policy Module Properties with the Active Directory Certificate Services Console Fails

ISSUE

With FIM CM components installed attempting to view the policy module properties with the Active Directory Certificate Services console fails. The following error displays.

An error was encountered during communication with Certification Authority. Please re-open the properties for Certification Authority. Invalid class string 0x800401f3 (-2147221005)

The following event is logged in the FIM Certificate Management event log.

Log Name:      FIM Certificate Management

Source:        FIM CM CA Modules

Event ID:      0

Task Category: None

Level:         Warning

Keywords:      Classic

User:          N/A

Computer:      ca01.contoso.com

Description:

"2013-05-28 09:14:39.65 -04" "Microsoft.Clm.ExitModule.CertExit" "Void RegisterCA()" "" "NT AUTHORITY\SYSTEM" 0x000024F8 0x00000001

1) Exception Information

*********************************************

Exception Type: System.InvalidOperationException

Message: The ConnectionString property has not been initialized.

Data: System.Collections.ListDictionaryInternal

TargetSite: Void PermissionDemand()

HelpLink: NULL

Source: System.Data

StackTrace Information

*********************************************

   at System.Data.SqlClient.SqlConnection.PermissionDemand()

   at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory)

   at System.Data.SqlClient.SqlConnection.Open()

   at Microsoft.Clm.ExitModule.CertExit.RegisterCA()

CAUSE

The Active Directory Certificate Services console was being run remotely, on a server with the remote administration tools installed. The remote administration tools do not contain the additional files needed to manage a CA which has the FIM CM components installed.

SOLUTION

Run the Active Directory Certificate Services console on the CA on which the FIM CM components are installed.