Active Directory Certificate Service

hi

i'm having issue org certificate authority

we used have 2003 server called dc02 deprecated, if try open certificate service management there error because target dc02 dose not exist anymore 

and get  error 0x6ba (win32 : 1722)

i can see in event viewer :

log name:      application
source:        microsoft-windows-certificationauthority
date:          24/02/2017 03:12:33
event id:      44
task category: none
level:         error
keywords:      classic
user:          system
computer:      mail.nextage.local
description:
"windows default" policy module "initialize" method returned error. specified domain either not exist or not contacted. returned status code 0x8007054b (1355).  active directory containing certification authority not contacted.

event xml:
<event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <system>
    <provider name="microsoft-windows-certificationauthority" guid="{6a71d062-9afe-4f35-ad08-52134f85dfb9}" eventsourcename="certsvc" />
    <eventid qualifiers="49754">44</eventid>
    <version>0</version>
    <level>2</level>
    <task>0</task>
    <opcode>0</opcode>
    <keywords>0x80000000000000</keywords>
    <timecreated systemtime="2017-02-24t01:12:33.000000000z" />
    <eventrecordid>71609414</eventrecordid>
    <correlation />
    <execution processid="0" threadid="0" />
    <channel>application</channel>
    <computer>mail.nextage.local</computer>
    <security userid="s-1-5-18" />
  </system>
  <eventdata name="msg_e_policy_error">
    <data name="policymoduledescription">windows default</data>
    <data name="methodname">initialize</data>
    <data name="errorcode">0x8007054b (1355)</data>
    <data name="param4">the active directory containing certification authority not contacted.
</data>
    <data name="errorstring">the specified domain either not exist or not contacted.</data>
  </eventdata>
</event>

i'm desperate issue 

tanks

erez

hi erez,
after dc02 deprecated, have tried clean metadata?
clean server metadata
https://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx
after dc2 removed, maybe, need adjustment ca server aspect, example, point dns address other dc’s ip, not dc2.
in addition, since issue relates ca, still suggest post question in security forum.
https://social.technet.microsoft.com/forums/windowsserver/en-us/home?forum=winserversecurity
reason why recommend posting appropriately qualified pool of respondents, , other partners read forums regularly can either share knowledge or learn interaction us. thank understanding.
best regards,
wendy

---

please remember mark replies answers if help.
if have feedback technet subscriber support, contact tnmff@microsoft.com. 

Windows Server  >  Directory Services