Before attempting to install Active Directory Certificate Services role on a Dev/Test server (and domain member), I ran the command "certutil", which returned two servers in our organization - listing them as Authorities.
One, a former Exchange Server. The second a soon-to-be retired credit card processing location. I would have assumed that our Domain Controllers would be the CA’s, but unless I am missing something, they don’t appear to have these roles/features installed.
My question and concern is this:
If I install Active Directory Certificate Services role on a Dev/Test server, with the Certification Authority and Certification Authority Web Enrollment services, what are the implications for the rest of the domain? And what are the implications when I want to install this same role + services on the Live/Production server after running tests on the Dev/Test?
I have followed the step-by-step video to Deploying and Configuring ADFS 2.0, as well as the video for IFD for Microsoft Dynamics CRM 2011.
It is unclear to me how installing this role (whether Standalone/Enterprise or Root CA/Subordinate CA) may or may not impact the other two CA.
I really just want to bust through the install to begin testing, but I have a vague sense that it might create havoc in some way, domain wide.
What are the do’s and don’ts here?
The goal simply put: prepare our on-premise CRM server for Internet-facing deployment. I have done the entire process in a cloud server, totally segregated from our internal network. It was slick, easy. But I fear that I will taint the Active Directory if I just start installing roles that pertain to CA.