we have a windows 2000 domain caontaining a mix of 2003 and 2000 servers . There are 2 DC's both of which are on 2000.
When trying to encrypt a file i get the following error.
Recovery policy for this system contains invalid recovery certificate.
I can find the cert in GP but not in the certificates snap in on any of the DC's
so cannot renew.
Upon looking further i cannot find a CA for the domain? Is this normal?
Is there anyway i can find which server initally issued the cert?
Am considering installing certificate services on one of the servers but not at all sure if this is wise.