Installing Active Directory Certificate Services on windows 2008 R2

Posted on 2012-08-21
Last Modified: 2012-09-09
Hi Experts,

I would like to install Lync server 2010 on one of my server , as a prerequesite I need to have a certificate authority installed on my domain.
I currently have:
1 2003 server with SQL installed
1 2003 Server with DNS / AD / Exchange installed
1 2008 R2 Server with DNS /DHCP /AD

My question is regarding my domain , if I install the role "Active Directory Certificate Services" on my domain controller" on my windows 2008 AD is it gonna change anything to my users who are currently connected? and what about Exchange ,is it gonna stop working until a certificate is installed in it?

I am very unfamiliar with Certificate so I am not sure what is the impact after this role is installed.
Can someone clarify that?

this is what I understand about certificate, when a client or server are accessing each other if the certificate is not the same on both sides then they won't communicate.
Thank you.
Question by:taverny
    LVL 53

    Assisted Solution

    by:Will Szymkowski
    If you are not familiar with ADCS I would definitly spend sometime reading the below technet. ADCS is an animal in itself and depending on the steps and integration a lot of time might be required to set it up properly.

    Another thing to note is that it is not recommended to install ADCS on a domain controller or Exchange server. You will want to install this on another member server in your environment.

    Hope this helps!
    LVL 11

    Assisted Solution

    ADCS can be installed on a member server or on a stand alone server. here is the Certificate Services Best practices

    Author Comment

    Thank you for your response, I do have a tutorial on how to install it, my question is regarding my users currently connected to the domain. Do I need to add a user certificate to all the computers connected to the domain after the role is installed ? and also my other AD will it no work until that I install a certificate on it , or everything is still gonna work and the certificate can be used for the server/application I choose?

    I am following this video on youtube to install the certificate required for my LYNC server:
    at 2:30 min this is where he talks about the certificate.

    LVL 11

    Accepted Solution

    You will be installing the ADCS on the domain controller with enterprise installation mode also latter in the configuration of topology you can add additional domain this way you don't have to worry about the certificate for local and other domain as long as you have trust between them.

    Author Comment

    I finally installed the certificate server on my domain controller , and generate a certificate for my lync server and everything seems to be fine. Thank you for your help.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
    Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
    This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
    To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now