Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

CertificateServicesClient-AutoEnrollment ID 64

Posted on 2014-02-03
1
503 Views
Last Modified: 2014-02-17
A few months back I removed a CA from our domain. I followed the documented procedure to do so safely. I am now getting this message in the Domain Controller logs as the cert cannot auto-renew because the CA is gone.

Certificate for local system with Thumbprint xx xx xx xx ...etc is about to expire or already expired.

When looking in the certificates MMC snapin I see Intended purposes are Client Authentication, Server Authentication.

My question is this: I've seen other posts that say this does not need to be renewed if there are no services using it. - namely this one: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Q_27846670.html -Is that true? If so, how do I search to see which services may be using this cert?
0
Comment
Question by:lbc_matt
1 Comment
 
LVL 36

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39831598
I hope certificate is installed on Domain Controller.
If you have removed CA already, just simply remove certificate from Domain Controller. It will not create any problems.
Once you install new Enterprise CA (Ad integrated) server in domain, it will automatically take care of Domain Controller certificate.
Also check any domain GPO where you have setup auto enrol \ renew expiring certs and disable that setting from GPO.

Mahesh
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
what about DCpro 2 36
Exchange 2007 3 54
Powershell script v3 to query against Oracle having an error 3 36
Migrating Roaming Profiles to new server 5 22
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question