Solved

Certificate Authority - Server 2012 R2

Posted on 2014-12-17
2
128 Views
Last Modified: 2014-12-18
We just upgraded our domain controllers to 2012 R2.
I noticed we do not have a certificate authority in our environment.

Do we need one, and what are the ramifications if we do not have one in the environment.

What is best practice?

Thanks
0
Comment
Question by:techgenious
2 Comments
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 40504936
You may or may not need a CA for your environment. That is entirely about your environment itself. As an example, does everyone need a file server?  Many networks do. But those that are heavily cloud-centric may be using OneDrive for Business or DropBox Business and a file server has no benefit.  This is true for almost every role, and ADCS is no different. There are some use cases for an internal CA, and there are some environments  where it'd offer no benefit whatsoever.

As with any network planning, start with what you want to do, then pick the services that get you there. If nothing you want requires a CA, don't install ADCS anywhere. If something you want has a PKI dependency, or if a role explicitly requires a CA, you'll find out quickly during your planning.

-Cliff
0
 
LVL 4

Expert Comment

by:akalyan911
ID: 40505071
it is depend on your domain environment, You can install the AD - Certificate Services if is required. without installation also you can work out..

AD CS starting in Windows Server 2008 provides customizable services for creating and managing public key certificates used in software security systems that employ public key technologies ... in your environment is small and not having much software application, i would suggest you to not install..

you can go through the Microsoft Technet articles from more information..
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

My GPO's made for 2008 R2 servers were not allowing me to RDP into a new 2012 server by default.  That’s why I tried to allow RDP via Powershell, because I could log into a remote shell without further configuration. Below I will describe how I wen…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question