We have a complicated certifier set up, where each division has an OU2 and each deparment under that division has an OU3 under that OU2. Usually, departments change but divisions are static – until they split or reorganize or expand and suddenly a director needs a new OU2, but the department OU3’s must remain the same.
So I create the new OU2. And all the new OU3’s and prepare to move a bunch of people. Suddenly, it is discovered that the OU2 change will have a MAJOR impact on access to certain critical tools. Put the move on hold.
Idiot me; I gave the new certifier IDs the same names as the old ones, after moving the old ones to an “old certs” folder.
Now I have to reverse this, but even though I’ve moved the NEW certs to a separate folder, and pulled the OLD certs back from the “old certs” folder, when I go to use one, I’m getting the fully qualified name of the NEW cert, not the old one. Both sets of certificates exist in our ID repository and in the Address Book.
Any ideas how I can get back to the way things were? Do I have to wipe out everything?