Re: I messed up my CA

From: Steven L Umbach (sumbach_at_ameritech.net)
Date: 08/07/03


Date: Thu, 07 Aug 2003 15:04:37 GMT


I agree with Dave. Possibly you encrypted something you should not
have, and that is causing problems. Your best solution probably will be to
start from scratch and rebuild the domain controller, since it is not a
production machine. You will have to rejoin the other computers to the
domain. Check event viewer for any clues. Run dcdiag on the domain
controller and netdiag on one of the member machines. -- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;223316
http://is-it-true.org/nt/nt2000/atips/atips24.shtml

"David Cross [MS]" <dcross@online.microsoft.com> wrote in message
news:OeSgN3NXDHA.2484@TK2MSFTNGP09.phx.gbl...
> I don't think the de-install of the CA had anything to do with this. Likely
> a red herring.
>
> --
>
>
> David B. Cross [MS]
>
> --
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> http://support.microsoft.com
>
> "Howard" <Howard@audio*guy.net> wrote in message
> news:4of3jvs9f2l9mrl04p390sitpdr9jl46lb@4ax.com...
> > While testing and learning EFS in my home environment, I screwed with
> > my CA and messed things up!
> >
> > My Set-up: 3 servers: One Win2K Server domain controller with AD,
> > also has DNS, DHCP, and CA. Second computer is a Win2K member server
> > running Exchange 2000. Third computer is also a Win2K member server
> > acting as my router/firewall to the internet. I also have 3 clients
> > running Win2K and XP.
> >
> > I installed CA a couple of days ago so I can learn about CAs and EFS.
> > I decided to start over, so I stopped the CA service, deleted ALL the
> > certificates that I could find (Administrator, File recovery, etc.)
> > and then re-started the CA.
> >
> > Now, I'm having problems. The "whoami" command from the command
> > prompt doesn't work anymore (not recognizable as an internal or
> > external command). Secedit doesn't work anymore either, it just
> > starts Microsoft Help! I can't refresh policies without secedit!
> >
> > The above happens on ALL clients and servers. None of them recognize
> > the "whoami" or "secedit" commands. And no, I wasn't smart enough to
> > export and backup the certificates I deleted! Dohhh!
> >
> > How can I fix this? Do I need to remove and reinstall AD? Since this
> > is happening on all computers, I'm presuming it's an AD problem, but
> > not sure.
> >
> > Any feedback is appreciated.
> >
> > Thanks,
> >
> > Howard
> >
>
>


