Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to remove active directory certificate services sbs 2008 std ?

Posted on 2011-09-13
5
Medium Priority
?
3,210 Views
Last Modified: 2013-12-02
Hello and thank you for taking the time out to read my question.


New server. SBS 2011 STD.
Before bringing the server to work. I connected it at home, created a new domain, named the server and updated the OS.

I brought the server to work today to install and setup.
First I had to change the IP to get the server on the network.
After that I ran DCPROMO.EXE to promote to DC and setup DNS.

I got a message

"Before you can install or remove Active Directory Domain Services, you must remove Active Directory Certificate services."

I open up Certificate Authority certsrv.exe and revoked all issued certificates. I see that they went to the revoked certificates folder, however this did not do the trick. I'm still being asked to  remove Active Directory Certificate services.

Please help, how do i  remove Active Directory Certificate services.

Many thanks in advance.

0
Comment
Question by:loshdog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 36530531
You DON'T on SBS. it is already a DC as well. You do not run DCPROMO as this is done during the initial install of the OS.

-Cliff
0
 

Author Comment

by:loshdog
ID: 36530589
Hello Cliff

Thank you for your response.

Did i mess things up by setting it up at my house first?
Did DNS get configured or do I need to reconfigure?  I believe that I need to setup the reverse lookup zone and enter ISP dns servers in DNS fowarders?

Just want to make sure I'm on the right track here..

Thank you..
0
 
LVL 59

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 1000 total points
ID: 36530611
SBS uses root hints bu default, not ISP forwarders. You are welcome to set those manually, but SBS does not automate the process. Simply rerun the wizards if you need to make minor changes. Major changes may require a reinstall.

-Cliff
0
 
LVL 10

Accepted Solution

by:
abhijitwaikar earned 1000 total points
ID: 36531781
Hi,

You said that you already connected new sbs2011 at home, created a new domain, named the server and updated the OS.
Means you have already promoted SBS 2011 in a new domain? Now question is what exactly you want to achive? Do you want seperate domain in single forest?

you can't run multiple SBS servers in same network.

As per your question "How to remove active directory certificate services sbs 2008 std?" I am considering that CA is installed on SBS2008.

So as per my understanding correct path is below:
1. SBS 2008 domain is already present
2. Install SBS 2011 on new box, join it to existing network.
3. Promote 2011 as DC.
4. Transfer FSMO roles from 2008 to 2011.  (I guess 2008 will not allow you to transfer but give a try other wise you nned to seize them).
5. Certificate Authority is that you really can't transfer the certs. But you can do a backup of them, then remove CA role from 2008 and demote it.
6. Now on  new server 2011,  install CA role on it and restore the Certs to it. (CA will need same server name to restore, If you really do not want CA then skip restore step. Just backup them from old server, remove CA role and demote 2008 thats it)

Regards,
Abhijitw.

0
 

Author Closing Comment

by:loshdog
ID: 36533511
Thank you very much.

This helped a lot..
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question