Pop Quiz: Migrating Certificate Services on Windows Server 2008 R2
Applies to the "Configuring Active Directory Certificate Services" objective of Exam 70-640: Windows Server 2008, Server Administrator.
Q: A company's server administrator needs to migrate certificate services from an aging Windows 2003 server to a newly installed Windows 2008 server. The administrator has added the Active Directory Certificate Services role on the new Windows 2008 server. What steps should the administrator take next? (Choose all that apply.)
- Export the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration registry key.
- Use the Certification Authority snap-in and choose restore.
- Specify the same location as the previous server for the certificate database.
- Configure the server as a standalone or enterprise server.
Answer and explanation is below.
Answer is B, C, D: The Certification Authority snap-in can be used to restore a certificates database to a new server after it has been copied from another server when the backup option was used. The certificates database must be restored to the same directory path location where it was located on the previous server. Configuring the new server as a standalone or enterprise server is required for the correct role in a certificates services deployment.
Quick Tip: A Windows Active Directory domain is required when configuring a server as an enterprise CA server. Exporting the registry key needs to be completed on the previous server and then imported on the new server.
Bonus Question: Which Windows 7 licensing technology MKS or MAK is the best choice for an organization with 25 desktops? (Tweet your answer with #pop640c and get a chance to win a rare MCPmag.com baseball cap! Deadline for entries is Monday, October 8.)
Answer to bonus question from last time: The Active Directory Certificate Services role needs to be installed to provide customizable services for creating and managing public key certificates used in software security systems employing public key technologies.
Andy Barkl, MCT/MCITP/MCSA, A+, Network+, Security+, CCNA has been studying technology for 30 years. Of the last 15 years, he has spent much of his time parting the knowledge and experience he has gained through IT exams, over 300, to help others be prepared and successful. He teaches classes in Phoenix, Ariz. where he has lived most of his life. He can be reached by e-mail at email@example.com.