?
Solved

CS server removal from AD after CS server physically lost

Posted on 2014-10-01
3
Medium Priority
?
113 Views
Last Modified: 2014-10-06
I have a client with a legacy 2008R2 domain. It originally had a single certificate server. The certificate server remains listed in PKIVIEW but the physical computer is gone and therefore I am unable to follow the removal process found in: http://support2.microsoft.com/kb/889250. How does one effectively get rid of a no longer existing Certificate Services server in order to clean up Active Directory before installing a new one?
0
Comment
Question by:214-042308
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 5

Accepted Solution

by:
Daniel Kline earned 2000 total points
ID: 40356116
I can't claim credit for this hack, but here is where you can find the solution:
http://retrohack.com/cleaning-up-after-a-failed-2008-certificate-authority/
0
 
LVL 1

Author Comment

by:214-042308
ID: 40359875
Ok, I'll give it a try. Thanks for the disclaimer.
0
 
LVL 1

Author Comment

by:214-042308
ID: 40364528
Ok, that worked, but like the comments said it's easier if you use the PKIView in step 11 to remove the failed CA from the various AD containers. Still, a good recommendation even if you pulled a third party solution.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question