We currently have 2 Windows 2000 Domain controllers and a member server which runs Certificate Services (Enterprise Root CA).
The certificate server is old and will be decommissioned. We will eventually put a new server in place and use that for issuing certificates. The only reason I think this Certificate server exists currently is for EFS, and there doesn't seem to be many users, if any at all who actually encrypt files. My question is can I safely uninstall Certificate services from this server.
I realise we wouldn't have a valid recovery agent but that wouldn't be an issue if there aren't any users encrypting files. The thing is both our Domain controllers have acquired a certificate from the certificate server and what I want to know is will uninstalling certificate services bring any detremental effects on the Domain controllers. What process / procedure do I need to follow to uninstall certificate services?
I cannot find anything in Group policy to suggest certificates are being used except as a recovery agent.