Certificate Authority and IPv4 issue

helpfromnick

We lost our certificate authority in our domain to a Hyper-V issue. It has been so long we cannot put it back on the network because it was also a backup domain controller. We also lost a key member of our IT team.

I had to rip the old CA out of AD manually after reading various blogs on how to do it.

New CA introduced and up and running. All clients have received new certificates.

Previously, when workstations had the old CA certs on their local computer account, pinging would default to IPv6. Many IPv4 hostnames are not resolved. I've read this is due to the certificates. Can anyone confirm if this is true? It seems to be, because when we manually remove the old CA certs, flush DNS, and give it a minute, IPv4 starts working.

Eventually, though, after a reboot the old CA certs are back and I'm not sure why they keep coming back. What's weird is the new CA never shows under Trusted Publishers and only the old CA shows up again after being deleted.

This is causing chaos for us as random VMs go offline on IPv4 and disrupts service availability. Any ideas where to start?
