Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Moving an Enterprise Root CA

Status
Not open for further replies.
jrcanfer

jrcanfer

MIS
Aug 11, 2002
34
GB
I need to retire an old win2k server which is our Enterprise Root CA.

The rest of our core infrastructure is moving over to Win2003 or already is Win2003.

Is there any way of making one of our Win2003 Servers the Enterprise Root CA - i.e. moving the role across to it without totally screwing up the domain security?

From what I've read the only real option is to build up a second server offline with the same name, copy over the certs from a backup, then retire the first server and bring the second online.

Are there any other options open to me?

Many thanks
 
Sort by date Sort by votes
That way is the safest. I would do that unless you want problems.

If you are stuck for hardware, do it twice. Once to a crappy machine, then again to the original server.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
724
microsGuy16
microsGuy16
maybeimaleo
  • Locked
  • Question
Is There a Best Windows OS to Upgrade a CA Server to?
Replies
5
Views
430
maybeimaleo
maybeimaleo
mangentle
  • Locked
  • Question
What could be the potential causes if a Microsoft Windows Server is experiencing slow network!
Replies
1
Views
1K
gbaughma
gbaughma
jamescpp
  • Locked
  • Question
Adding an attribute to ADLDS
Replies
1
Views
359
jamescpp
jamescpp
juniper911
  • Locked
  • Question
Smartcard PIN Cache - is it configurable?
Replies
0
Views
266
juniper911
juniper911

Part and Inventory Search

Sponsor

Back
Top