ShrCol
asked on
Decommissioning a Server 2003 Certificate Authority - Part 2
Experts,
I have just finished decommissioning a couple of internal CA's and have also since created a new one. I followed the Microsoft document to undertake the decommissioning process (http://support.microsoft.com/kb/889250) which was fine, except for one of the final stages.
Near the bottom, step 9 it says: 'Important Do not use this procedure if you are using certificates that are based on version 1 domain controller templates' in relation to cleaning up domain controller certificates. However, I'm not sure how I would know, so my question is how do I find out what version they are.
The command 'certutil -dcinfo' displays a number of old certificates that I would like to clean up however I don't want to proceed without being sure. Both of the old CA's were Windows Server 2003 Enterprise.
Thanks.
I have just finished decommissioning a couple of internal CA's and have also since created a new one. I followed the Microsoft document to undertake the decommissioning process (http://support.microsoft.com/kb/889250) which was fine, except for one of the final stages.
Near the bottom, step 9 it says: 'Important Do not use this procedure if you are using certificates that are based on version 1 domain controller templates' in relation to cleaning up domain controller certificates. However, I'm not sure how I would know, so my question is how do I find out what version they are.
The command 'certutil -dcinfo' displays a number of old certificates that I would like to clean up however I don't want to proceed without being sure. Both of the old CA's were Windows Server 2003 Enterprise.
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER