Moving roles from physical to virtual
I am moving some roles from a physical server to a virtual server and was wondering what the order of operations should be. I have a physical server that is a domain controller (no fsmo roles), network policy server and a certificate server. I will have the same roles on the virtual server. Both servers are running Windows 2016.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The reason for the cert services was because of the recommendation made here when I was setting up radius on my NPS for wireless access
You do need certificate services server, but not on a DC. Member server is better because you don't want to keep having to move it when you upgrade DCs. I am sure there are other reasons to put on a member server as well.
ASKER
This is a one of. At the time of visualizing we could not do this one because P2V was not recommended on a DC. Are there other reasons not to have cert services on a DC?
One of the reason i know is, if you want to demote the DC (for some reason), you need to remove the CA role first then only it will allow you to demote. Other than this i didn't face any issues if this resides on a DC.
ASKER
OK. Thanks for the useful advice all.
What are the roles you are planning to move?
1) You can follow the steps to move Certificate Services https://www.petenetlive.com/KB/Article/0001473
2) For Network Policy server, you can export the NPS configuration and import it on the other server. The procedures are outlined here https://docs.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-manage-export
No matter which one you are moving first as there isn't any order for these 2 roles.