Nothing that I can think of that would cause this. As I mentioned before, the only thing on that machine that used SSL was Dell ITAssistant, and I don't see how that could have pushed a certificate out to every machine in the domain without modifying a GPO or setting up a CA, which we don't have. For example most of our servers only get (1) GPO applied, the Default Domain Policy, and I've checked that, no reference to the certificate in there.
I really need to track this down. Thanks for the help Chris Bodnar, MCSE Sr. Systems Engineer Infrastructure Service Delivery Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: [email protected] Phone: 610-807-6459 Fax: 610-807-6003 _____ From: [email protected] [mailto:[email protected]] Sent: Tuesday, September 22, 2009 8:15 PM To: NT System Admin Issues Subject: RE: Intermediate Certification Authorities Something had to have installed it somehow. What software have you installed on those machines that might have done this? Alternatively any GPOs that have done this? The actual certificate - does it give any clues as to what it's for or who issued it? Cheers Ken From: Christopher Bodnar [mailto:[email protected]] Sent: Wednesday, 23 September 2009 12:03 AM To: NT System Admin Issues Subject: Intermediate Certification Authorities Need help with this: Windows 2003 forest functional level. We currently do not have a PKI infrastructure. There is a certificate in every machines Intermediate Certification Authorities -> Certificates folder , and I'm not sure how it got there. I had a test server that I installed Dell IT Assistant on back in May. I believe the server generates a self signed certificate for SSL communication. Now that certificate is on every machine in the domain. I did NOT add it to any GPO. How is it getting there? Any thoughts? Thank you, Chris ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
