Hi Guys, I have just removed the Certificate Authrority from a windows 2003 DC and created a new CA on a Windows 2008 R2 Server. This is because I am going to remove the 2003 box from the network as it is a very old physical machine. In ADSS , under the service node I can see my new CA plus the old one. What would the impact be of leaving it this way? and would there be any issue if I right clicked the old CA and slected delete? I have deployed the new root CA Cert to clients via a GPO. Many Thanks Bob

You may want to post this question on: Windows Server TechCenter > Windows Server Forums > Security Seems to contain more questions related to certificate services. HTH, Paul

you should decomission your old CA in a correct way: http://support.microsoft.com/kb/889250http://en-us.sysadmins.lv