<div>
<div class="content wysiwyg-content">
Hi Guys, 
 
I have a network with a single domain and 2 sites (A and B), domain functional level is Windows 2003 at the moment. 
 
Site A has: 
 
1. PDC running SBS 2003 (DHCP, DNS, Certificate Service) holding all FSMO roles 
2. Windows 2008 R2 DC recently joined the network. 
 
Site B has: 
 
&nbsp;1. DC running Windows 2003 R2 Standard 
 
 
I planning to demote the SBS 2003 on site A in order to upgrade domain functional level to Windows 2008 
 
 
What I did: 
 
- Moved all FSMO roles from SBS 2003 to Windows 2008 R2 
 
Now when trying to demote SBS 2003 by running 'dcpromo' I receive the following: 
 
&quot;Before you can install or remove Active Directory, you must remove Certificate Services&quot; 
 
I am not sure how important is the role of the certificate services on the network. 
The SBS 2003 box was running Exchange 2003 years ago, but this has now been demoted. 
 
How can I safely find out if I can just revoke the certificates and demote the SBS or 
if I shall move the certificate services to the 2008 R2 DC box? 
 
Thanks, 
Rod
</div>
</div>

Hi Guys,

I have a network with a single domain and 2 sites (A and B), domain functional level is Windows 2003 at the moment.

Site A has:

1. PDC running SBS 2003 (DHCP, DNS, Certificate Service) holding all FSMO roles
2. Windows 2008 R2 DC recently joined the network.

Site B has:

 1. DC running Windows 2003 R2 Standard


I planning to demote the SBS 2003 on site A in order to upgrade domain functional level to Windows 2008


What I did:

- Moved all FSMO roles from SBS 2003 to Windows 2008 R2 

Now when trying to demote SBS 2003 by running 'dcpromo' I receive the following:

"Before you can install or remove Active Directory, you must remove Certificate Services" 

I am not sure how important is the role of the certificate services on the network.
The SBS 2003 box was running Exchange 2003 years ago, but this has now been demoted.

How can I safely find out if I can just revoke the certificates and demote the SBS or
if I shall move the certificate services to the 2008 R2 DC box?

Thanks,
Rod

How to deal with Certificate Services whilst demoting a SBS 2003.

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).