troubleshooting Question

Lost AD CS CA server - now what?

Avatar of dongcamp100
dongcamp100Flag for United States of America asked on
Active DirectoryWindows Server 2008
4 Comments2 Solutions1079 ViewsLast Modified:
Hi all,

A few weeks ago, I lost a domain controller in my network.  Of course, it was a hard fail and I had no good backups.  I thought I had finally recovered when I found that it must have been a CA, as there are certificates that had been issued by it on my domain controllers.  I found this article and was working through it - http://support.microsoft.com/kb/889250.  At one point it says to run "certutil - TCAinfo" and that is reporting the CA as a server that has been gone for nearly two years!  I need to get a CA back up as I am trying to install Lync 2013, but I am a little stuck.  What are the implications of installing a new CA now?  I tried to export a certificate following instructions in another TechNet article, but it says the PK is marked as not exportable, so it will not let me create a .pfx file.  Also, I saw that I should not install the CA on a Domain Controller, is that correct?  All servers are 2008R2.  Any thoughts or suggestions are greatly appreciated!

-Don
ASKER CERTIFIED SOLUTION
Mahesh
Architect
Join our community to see this answer!
Unlock 2 Answers and 4 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros