Avatar of jkeegan123
jkeegan123
Flag for United States of America asked on

Domain Controller D.R. - with Certificate Authority

Hello,

We recently had an issue with a Windows 2008 r2 domain controller, and since we had domain controllers in other sites, rather than troubleshoot this issue further, the domain controller was decommissioned with the intention of promoting from surviving domain controller copies at other sites.

However, after the server was decommissioned with metadata cleanup and this servers roles seized to other domain controllers, it was discovered that this server was the certificate authority ca for the Domain. How can I readd Certificate Services to the domain without in validating existing certificates and services? We do a fair amount of file encrypting and use the encrypting file system.

When we went to add Certificate Services to the new domain controller that was promoted to replace the failed DC, Certificate Services asks if we want to " create a new private key or use an existing one"

What is the best way to proceed without invalidating issued certificates, and to prevent existing encrypted data from becoming un-decryptable?
Active DirectoryDisaster RecoveryEncryption

Avatar of undefined
Last Comment
Peter Hutchison

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Peter Hutchison

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Your help has saved me hundreds of hours of internet surfing.
fblack61