[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3274
  • Last Modified:

How to remove active directory certificate services sbs 2008 std ?

Hello and thank you for taking the time out to read my question.


New server. SBS 2011 STD.
Before bringing the server to work. I connected it at home, created a new domain, named the server and updated the OS.

I brought the server to work today to install and setup.
First I had to change the IP to get the server on the network.
After that I ran DCPROMO.EXE to promote to DC and setup DNS.

I got a message

"Before you can install or remove Active Directory Domain Services, you must remove Active Directory Certificate services."

I open up Certificate Authority certsrv.exe and revoked all issued certificates. I see that they went to the revoked certificates folder, however this did not do the trick. I'm still being asked to  remove Active Directory Certificate services.

Please help, how do i  remove Active Directory Certificate services.

Many thanks in advance.

0
loshdog
Asked:
loshdog
  • 2
  • 2
2 Solutions
 
Cliff GaliherCommented:
You DON'T on SBS. it is already a DC as well. You do not run DCPROMO as this is done during the initial install of the OS.

-Cliff
0
 
loshdogAuthor Commented:
Hello Cliff

Thank you for your response.

Did i mess things up by setting it up at my house first?
Did DNS get configured or do I need to reconfigure?  I believe that I need to setup the reverse lookup zone and enter ISP dns servers in DNS fowarders?

Just want to make sure I'm on the right track here..

Thank you..
0
 
Cliff GaliherCommented:
SBS uses root hints bu default, not ISP forwarders. You are welcome to set those manually, but SBS does not automate the process. Simply rerun the wizards if you need to make minor changes. Major changes may require a reinstall.

-Cliff
0
 
abhijitwaikarCommented:
Hi,

You said that you already connected new sbs2011 at home, created a new domain, named the server and updated the OS.
Means you have already promoted SBS 2011 in a new domain? Now question is what exactly you want to achive? Do you want seperate domain in single forest?

you can't run multiple SBS servers in same network.

As per your question "How to remove active directory certificate services sbs 2008 std?" I am considering that CA is installed on SBS2008.

So as per my understanding correct path is below:
1. SBS 2008 domain is already present
2. Install SBS 2011 on new box, join it to existing network.
3. Promote 2011 as DC.
4. Transfer FSMO roles from 2008 to 2011.  (I guess 2008 will not allow you to transfer but give a try other wise you nned to seize them).
5. Certificate Authority is that you really can't transfer the certs. But you can do a backup of them, then remove CA role from 2008 and demote it.
6. Now on  new server 2011,  install CA role on it and restore the Certs to it. (CA will need same server name to restore, If you really do not want CA then skip restore step. Just backup them from old server, remove CA role and demote 2008 thats it)

Regards,
Abhijitw.

0
 
loshdogAuthor Commented:
Thank you very much.

This helped a lot..
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now