Organizations have different reasons and requirements for upgrading or migrating to Active Directory Certificate Services (AD CS). They include:
The choice between whether to upgrade or migrate AD CS environment depends on the features and role services that needs to be implemented and the current and desired network environment. The following flow chart will help in selecting the appropriate options and strategies.
In this blog I will demonstrate how to migrate a Windows 2003 based Enterprise CA to Windows 2008 R2 based CA with same PKI name and hostname.
I hear the restore won't work if the other server has a different name.
Andrew, the restore doesn´t work if the CA name is different, in this case you need to maintain the CA name to successfully import settings.
Hi there, is there a way to migrate the CA role and its settings to a dedicated server which has a different server name? Based on some articles, I have seen the limitation with the migration is tied to the original server name, can someone please confirm
this limitation? Thanks
I'm afraid our environment is a bit more complex, we have a three tier PKI infrastructure with 2003 32 bit hardware, a RootCA, an IntermediateCA, and then an IssuingCA, I don't think we can just start at the top and export and import configs all the way
down the chain because of our hardware architecture limitations
Greg - I am in the same boat. Existing 3 tier 2003. What routed did you end up taking?