We have a Server 2012 R2 Standard running as a DC in a small office of about 8 PC running Windows 7 pro. I needed to set up an SSTP VPN service but found that I could not obtain the self signed certificate required for the client PC. Further investigation found that the ADCS Configuration is not complete and cannot be completed.
Visiting the Server Manager and looking at a flagged Notification I see that there is a Post-deployment Configuration notice to 'Configure Active Directory Certificate Services on the destination server' If I start this process I'm presented with a credentials page which is completed just fine so I click Next. Then Role Services has 'Certification Authority' is the only Role selected from the 6 potential Roles available - the remaining 5 can't be ticked they appear greyed out and I can't untick 'Certification Authority' either. The only option I have is to click Previous or Cancel which will not help me to complete the post process.
How can I break out of this cycle whilst keeping the domain active. I'm working remotely from the site through a VNC service.
Can I remove the ADCS Role safely or will this impact the existing client logins etc. I'm assuming it will but not 100% sure.
I have also noticed that the CertSrv site under the Default IIS webpage is not listed. I'm sure this was there not too long ago but again can't be sure. NB This accounts for being unable to access CertSrv on this server either locally or externally.
Some help in at least cleaning this position up would be welcomed.