Solved

Certificates & Domain Controllers

Posted on 2004-08-06
1
242 Views
Last Modified: 2013-12-04
I'm currently trying to demote a DC that is running Certificate Services.

The CA has automatically issued certificates to all of our other domain controllers here at our primary office and at our remote sites, each of which have a DC.  The uses of the certs are listed as "Proves your identity to a remote computer" and "Ensures the identity of a remote computer."  In removing this CA from our network (and I will subsequently be recreating it on another DC), what effect would this have on those our domain (file replication, authentication, etc.)?

Additionally, what would I need to do to mitigate those potentially bad consequences?

The environment is a Windows 2000 Domain in Mixed Mode with an Enterprise CA.  Clients all W2k or XP.

Thanks!
0
Comment
Question by:titan6400
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 7

Accepted Solution

by:
msice earned 500 total points
ID: 11756000
Is the DC an Enterprise CA or a Enterprise Subordinate CA? If it is an Enterprise CA you should be able to save the certificates and reinstall on another server but you will then need to update the other subordinates to look at the new Enterprise CA as the trusted source of the new certs. You can have more than one Enterprise CA in a domain so you might want to add the new one before removing the old one, but I would do all of this in a test environment first if I were you.
This doc might help you:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/howto/casetup.mspx 
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question