I installed a new Root CA in for our internal/corporate network a few months back, set up certificate autoenrollment, verified that machines are getting automatically enrolled with new computer certs from new CA, and finally uninstalled certificate services from the old CA (which was also a domain controller).
Several months later, I finally decommission that old domain controller and remove it from the network. Now, all of my workstations are continually generating an Event 6 from CertificateServicesClient-AutoEnrollment. Error message is
"Automatic certificate enrollment for local system failed (0x8007000d) The data is invalid."
Does anyone know what could be generating this error?
Checking a few of the workstations, I see each of them have a computer certificate issued from the new CA from several months ago, and they also still have the old certificate issued from the old CA (but not yet expired). Could the error message have something to do with the fact that the old certificate still resides on the machine and now the old CA is gone? That doesn't seem right to me since I uninstalled AD CS from the old CA months ago and am only now seeing this error message. Seems like some issue with the removal of the domain controller since the error messages only began appearing after that.
Shaun