• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 434
  • Last Modified:

How to remove automatically certificates from computers in AD.

Hi,

I noticed last month that domain controllers in our Windows 2000 domain have a certificate from and old server that currently is out of the domain, even I can't find its record in the DNS zone and nobody knows about it, it's like a phantom.

After do some research I know than that certificate isn't used by any application so I think I can remove it from every single machine within the domain as it isn't used by active directory to authenticate user, is this true?.

I followed the steps detailed in the next article http://support.microsoft.com/?scid=kb;en-us;555151&x=2&y=14, but I get stuck on the Domain Controller Cleanup step because I'd like to know if I can remove automattically (GPO, for instance) any certificate issued by the old CA.

Thank you.
0
JorgeSimarroVillar
Asked:
JorgeSimarroVillar
  • 2
1 Solution
 
AwinishCommented:
Below link might help you.
http://support.microsoft.com/kb/555894
0
 
JorgeSimarroVillarAuthor Commented:
Hi,

I' have some questions about that KB.

- The first one is that at the beggining of the script login.bat you can see the line copy %0\..\removeca.vbs c:\RemoveCA, but I think that may be wrong as you can't see removeca.vbs again on that script.

- The second one, Should I change the value of the constant PublicKeyInput for that one of my CA?.

- The third one, why are there so many lines commente on the vbs script?.

- Finally, the last one, Does this script only apply for W2003 Servers?.

Thank you.
0
 
AwinishCommented:
M sorry for late reply...Not keeping well...

Speaking truly, i haven't ran this, i just searched & found KB which might help you.

I think give a try as its mentioned in article & see if it works.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now