Hi Zachary,
CA is issuing certificates for whatever purpose you may need:
- Encrypting File System,
- E-Mail, signing, encrypting messages
- SSL (https) for your web server, intranet web server, Outlook Web Access
- We use it for logging onto our wireless network.
You can check which certificates you issued, in the CA console.
"Zachary" <> wrote in message
news:...
> Ok, from what i have found on the web my best route would be to upgrade
> the CA to 2003 and backup and restore it to a 2003 server, then perform
> the sames steps for 2008.
> (http://support.microsoft.com/default.aspx/kb/298138,
> http://technet.microsoft.com/en-us/l...8WS.10%29.aspx)
>
> The only question i have left unanswered is weather or not i can find out
> why CA is installed on the server in the first place. Anyone have any
> suggestions on how to go about finding out what CA is doing for our
> network?
>
> "Zachary" <> wrote in message
> news:un%...
>> Any help on this would be greatly appreciated.
>>
>> "John John - MVP" <> wrote in message
>> news:...
>>> See in-line:
>>>
>>> Zachary wrote:
>>>> We currently have a Win2k server that we are looking to decommission so
>>>> we can install it with windows 2008. This 2k server is a domain
>>>> controller with no FSMO roles on it but CA is still running on the
>>>> server. We currently have a 2008 server that is acting as our primary
>>>> DC. Two questions:
>>>>
>>>>
>>>>
>>>> First, how can I check whether or not the CA is still being used? I
>>>> have inherited this setup from a previous IT Group so I am unsure of
>>>> what practices have been in place before I was here.
>>>
>>> I don't know for sure but unless you properly removed the existing CA
>>> and created a new one on the new Server 2008 I would think that the CA
>>> on the Server 2000 would still be used. You could simply disable the
>>> Certificate Service for an extended period and see what happens, if
>>> things go wonky you can just re-enable the Certificate service. These
>>> might be helpful:
>>>
>>> http://support.microsoft.com/kb/889250
>>> How to decommission a Windows enterprise certification authority and how
>>> to remove all related objects from Windows Server 2003 and from Windows
>>> Server 2000
>>>
>>> http://support.microsoft.com/kb/231881
>>> HOW TO: How to Install/Uninstall a Public Key Certificate Authority for
>>> Windows 2000
>>>
>>> http://articles.techrepublic.com.com...66.html?tag=sc
>>> Move Certificate Authority to another Windows 2000 Server
>>>
>>> http://www.microsoft.com/windows/win...rocsBackup.htm
>>> Back up a certification authority
>>>
>>>> Second, if I am unsure or if the services are still needed, can I move
>>>> the CA to the 2008 server?
>>>
>>> I don't think so, all of the Microsoft information that I have seen
>>> always says that you must first upgrade Server 2000 to 2003 and then in
>>> turn upgrade Server 2003 to 2008, there seems to be no direct path to
>>> move the CA directly from Server 2000 to Server 2008. You may find
>>> useful information here:
>>> http://technet.microsoft.com/en-us/l...66(WS.10).aspx
>>>
>>> You might have better help with this if you ask the folks on one of the
>>> Server groups, maybe here:
>>> news://msnews.microsoft.com/microsof...server.general
>>>
>>> John
>>
>>
>
>
Similar Threads
Linear Mode
