Channel: Security forum

Migrating the computer to another domain in the same forest but the certificate is not renewed, wrong DNS name in the certificate


Hi,

We are migrating computer objects and users from one domain to another in the same forest using ADMT.

Example:

From domain: olddomain.contoso.com

To domain: newdomain.contoso.com

We can see that after the migration of computer objects from olddomain.contoso.com to newdomain.contoso.com that the computer object still has the certificate but now it has the wrong DNS name.

For instance computer1.olddomain.contoso.com but it should have computer1.newdomain.contoso.com since it changed domain.

The computer will not renew the certificate on the basis that it is wrong?

Anything I can do except for removing the certificate on the computer after the migration and letting autoenrollment kick in?

Settings used in the computer certificate are:

- Validity period: 2 years
- Renewal period: 12 weeks
- Purpose: Signature and encryption
- Minimum key size: 2048
- Subject name format: None
- Include this information in alternative subject name: DNS name
- Extensions -- Application Policies -- Client Authentication
- Minimum Supported CAs: Windows Server 2003 Enterprise

Regards

Niklas
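
A check for the condition described in the post, as an added example that is not part of the original post: it lists certificates in the local machine store that carry the Client Authentication application policy and whose DNS names do not include the computer's current FQDN. It assumes Windows PowerShell 4.0 or later, where the certificate provider exposes `DnsNameList` and `EnhancedKeyUsageList`; the variable names are illustrative.

```powershell
# Added example: report machine certificates whose DNS name no longer
# matches this computer's FQDN (e.g. after a move between domains).

# Client Authentication EKU, the application policy named in the template settings
$clientAuthOid = '1.3.6.1.5.5.7.3.2'

# Current FQDN, built from the host name and the domain the computer is joined to
$cs   = Get-CimInstance -ClassName Win32_ComputerSystem
$fqdn = ('{0}.{1}' -f $cs.DNSHostName, $cs.Domain).ToLowerInvariant()

$stale = foreach ($cert in Get-ChildItem -Path Cert:\LocalMachine\My) {
    # DNS names taken from the SAN extension (or the subject CN if there is no SAN)
    $dnsNames = @(foreach ($n in $cert.DnsNameList) { "$($n.Unicode)".ToLowerInvariant() })
    # EKU OIDs present on the certificate
    $ekuOids  = @(foreach ($e in $cert.EnhancedKeyUsageList) { $e.ObjectId })

    $isClientAuth = $ekuOids -contains $clientAuthOid
    $hasDnsName   = $dnsNames.Count -gt 0
    $nameMatches  = $dnsNames -contains $fqdn

    if ($isClientAuth -and $hasDnsName -and -not $nameMatches) {
        [pscustomobject]@{
            Thumbprint   = $cert.Thumbprint
            NotAfter     = $cert.NotAfter
            DnsNames     = $dnsNames -join ', '
            ExpectedFqdn = $fqdn
        }
    }
}

if ($stale) {
    $stale | Format-Table -AutoSize
} else {
    Write-Output "No client-authentication certificate with a mismatched DNS name found for $fqdn."
}
```

The script only reports; it does not remove or re-enroll anything.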

