After removing the Enterprise Root Ca from AD, the published certificates are still listed on AD

Posted on 2011-10-06
Last Modified: 2012-05-12
Hi Guys,

I removed Enterprise Root CA from Active Directory helped by the article

I expected that, after doing that, all certificates that had been published to users would be removed from active directory. But certificates are still listed under Published Certificated Tab in Active Directory Users and Computers as you can see below.

 Published Certificate
How do I clear these certificated from user's accounts?


Rodrigo Garcone
Question by:garconer
    1 Comment
    LVL 13

    Accepted Solution

    Clean up via ADSIEDIT by going to Configuration Container>Services>Public Key Services>

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    One of the major disadvantages of still running XP in production is its lack of Internet Explorer Favourites directory redirection. If your users frequently roam between computers, the usual workaround is to enable Roaming Profiles to have the favou…
    I'm sure that every Windows systems administrator has written, or at least used, a batch or VBS login script at some point in their career, whether it is to map network drives, install printers, or set some user preferences.  No more! With Window…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now