We have decommissioned a certificate authority and the Ent. Admin role does not have permission to delete the server from Enrollment Servers container in AD Sites and Services. All other instances of this CA were removed properly from the other containers. Any ideas what could be keeping this...
Microsoft views more than one ROOTCA in a forest as "unsupportable". You can have multiple issuing CA's but only one root.
We had a DC running certificate services in our test lab. Everything went great until we started using CEP to get device certificates. DC's by nature do not like to have...
1. Build the new CA and do not run the restore wiz. You will have to issue new certificates on the domain.
2. The symptoms make me think that it is not a domain member. The templates need to be published to AD if you are using an enterprise CA, but you must also purge the old templates from AD...
Microsoft has a very good document on how to decom a CA and remove all information. Article ID is 889250. http://support.microsoft.com/889250
There is also some good information on the win2003 server support site for the certutil tool. You can use it to remove the CA objects from AD.
When you are installing certificate services you do not want to overwrite the information in AD. Once you have CA serv installed run the restore wiz and bring the private key and the DB and overwrite them on the CA. As long as you have given the CA the same netbios name and using the correct...
I am not sure what it is you are asking about here. Are you wanting to recover the CA or create a new instance? If you are recovering the CA you would use the Restore CA wiz and load the CAbackup that you performed prior to the disaster plan. The CA publishes to AD, not pulls info from. Are you...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.