we have citrix xenapp 6.5 and require a CAG to be setup but in order to setup certificate services on the new 2008r2 box i believe i need to raise the forest/domain which is in 2000 native mode at present. if i change this to 2003 is there any risk or could this cause any issues. all pc etc are xp or vista or 7.
once ive done this do i need to update the forest with adprep to 2008 to support certificate services, again will this cause any issues.
the error i get when trying to add the certificate enrollment webservice in server manager in the current envirnment is "The Certificate Enrollment Web Service or Certificate Enrollment Policy Web Service must be installed on a member server in an Active Directory forest in which the Windows Server 2008 R2 version of ADPrep /forestprep has been successfully run."