Guest Mark Bohlsen Posted August 26, 2008 Posted August 26, 2008 3Hi, I plan to migrate my existing Windows 2000 physical server running certificate services (subordinate CA in the forest) to a VM, and then upgrade the server to Windows 2003 R2. Are there any caveats to an in place upgrade of this type? I will have to change the ip address, but the name of the server will stay the same. Is there any problems with this? Also, when I do the in place upgrade does it automatically detect that certificate services is installed and upgrade the certificate database without having to do anything else? Currently, all of 3 DC's in this child domain are Windows 2003. Any help or advice would be greatly appreciated, as I haven't gone through an upgrade of this type. Thanks in advance. Quote
Guest Dan Posted August 27, 2008 Posted August 27, 2008 I am sure if you contact Microsoft directly they can give you very good advice. BTW, why do you want to upgrade and please forgive the question but does your current system not meet your needs or something else? Thanks in advance for helping me and others understand your needs. "Mark Bohlsen" wrote: <span style="color:blue"> > 3Hi, I plan to migrate my existing Windows 2000 physical server running > certificate services (subordinate CA in the forest) to a VM, and then upgrade > the server to Windows 2003 R2. Are there any caveats to an in place upgrade > of this type? I will have to change the ip address, but the name of the > server will stay the same. Is there any problems with this? Also, when I do > the in place upgrade does it automatically detect that certificate services > is installed and upgrade the certificate database without having to do > anything else? Currently, all of 3 DC's in this child domain are Windows > 2003. Any help or advice would be greatly appreciated, as I haven't gone > through an upgrade of this type. Thanks in advance.</span> Quote
Guest Mark Bohlsen Posted August 27, 2008 Posted August 27, 2008 I would like to upgrade to Windows 2003 so I can stay current and avoid an issue with unsupported software in the near future with Windows 2000. My hardware is out of warranty and I thought this would be a good opportunity to do both. I have contacted Microsoft support and they will not talk to me about the question. They try to send me off to pre-sales, saying it's not a break/fix issue. "Dan" wrote: <span style="color:blue"> > I am sure if you contact Microsoft directly they can give you very good > advice. BTW, why do you want to upgrade and please forgive the question but > does your current system not meet your needs or something else? Thanks in > advance for helping me and others understand your needs. > > "Mark Bohlsen" wrote: > <span style="color:green"> > > 3Hi, I plan to migrate my existing Windows 2000 physical server running > > certificate services (subordinate CA in the forest) to a VM, and then upgrade > > the server to Windows 2003 R2. Are there any caveats to an in place upgrade > > of this type? I will have to change the ip address, but the name of the > > server will stay the same. Is there any problems with this? Also, when I do > > the in place upgrade does it automatically detect that certificate services > > is installed and upgrade the certificate database without having to do > > anything else? Currently, all of 3 DC's in this child domain are Windows > > 2003. Any help or advice would be greatly appreciated, as I haven't gone > > through an upgrade of this type. Thanks in advance.</span></span> Quote
Guest Paul Adare - MVP Posted August 27, 2008 Posted August 27, 2008 On Tue, 26 Aug 2008 12:52:27 -0700, Mark Bohlsen wrote: <span style="color:blue"> > 3Hi, I plan to migrate my existing Windows 2000 physical server running > certificate services (subordinate CA in the forest) to a VM, and then upgrade > the server to Windows 2003 R2. Are there any caveats to an in place upgrade > of this type? I will have to change the ip address, but the name of the > server will stay the same. Is there any problems with this? Also, when I do > the in place upgrade does it automatically detect that certificate services > is installed and upgrade the certificate database without having to do > anything else? Currently, all of 3 DC's in this child domain are Windows > 2003. Any help or advice would be greatly appreciated, as I haven't gone > through an upgrade of this type. Thanks in advance.</span> Ignore Dan, he tries to insert himself into threads even when he has no idea what he's talking about, as is the case here. An in-place upgrade from 2000 to 2003 will work just fine and Certificate Services will be upgraded along with the rest of the OS bits. Keep in mind however, that you don't get to take full advantage of all of the new Certificate Services features in 2003 unless your CA is running the Enterprise or Datacentre Edition SKU. -- Paul Adare MVP - Identity Lifecycle Manager http://www.identit.ca That does not compute. Quote
Guest Mark Bohlsen Posted August 27, 2008 Posted August 27, 2008 Paul, Thanks for the response. Dan had me worried, I was hoping that wasn't going to be an attempt to answer my question. Anyway, I was wondering if you could expand on the 2003 features that I would be missing out on if I went with 2003 standard edition. Thanks in advance. Mark "Paul Adare - MVP" wrote: <span style="color:blue"> > On Tue, 26 Aug 2008 12:52:27 -0700, Mark Bohlsen wrote: > <span style="color:green"> > > 3Hi, I plan to migrate my existing Windows 2000 physical server running > > certificate services (subordinate CA in the forest) to a VM, and then upgrade > > the server to Windows 2003 R2. Are there any caveats to an in place upgrade > > of this type? I will have to change the ip address, but the name of the > > server will stay the same. Is there any problems with this? Also, when I do > > the in place upgrade does it automatically detect that certificate services > > is installed and upgrade the certificate database without having to do > > anything else? Currently, all of 3 DC's in this child domain are Windows > > 2003. Any help or advice would be greatly appreciated, as I haven't gone > > through an upgrade of this type. Thanks in advance.</span> > > Ignore Dan, he tries to insert himself into threads even when he has no > idea what he's talking about, as is the case here. > An in-place upgrade from 2000 to 2003 will work just fine and Certificate > Services will be upgraded along with the rest of the OS bits. > Keep in mind however, that you don't get to take full advantage of all of > the new Certificate Services features in 2003 unless your CA is running the > Enterprise or Datacentre Edition SKU. > -- > Paul Adare > MVP - Identity Lifecycle Manager > http://www.identit.ca > That does not compute. > </span> Quote
Guest Brian Komar \(MVP\) Posted August 27, 2008 Posted August 27, 2008 - No issuance of certificates based on version 2 certificate templates = no customized certificates- - No key archival and recovery - No autoenrollment of user certificates for deployment - Can only issue version 1 certificates using Automatic Certificate Request Services for computer certificates To be honest, you pretty much gain nothing moving from Windows 2000 to Windows 2003 if you do not run on Enterprise or Data Center Edition SKUs. The only thing you gain is newer bits Brian "Mark Bohlsen" <MarkBohlsen@discussions.microsoft.com> wrote in message news:157E9980-A8A6-4162-8351-BE668CCB06EB@microsoft.com...<span style="color:blue"> > Paul, > > Thanks for the response. Dan had me worried, I was hoping that wasn't > going > to be an attempt to answer my question. Anyway, I was wondering if you > could > expand on the 2003 features that I would be missing out on if I went with > 2003 standard edition. Thanks in advance. > > Mark > > "Paul Adare - MVP" wrote: ><span style="color:green"> >> On Tue, 26 Aug 2008 12:52:27 -0700, Mark Bohlsen wrote: >><span style="color:darkred"> >> > 3Hi, I plan to migrate my existing Windows 2000 physical server running >> > certificate services (subordinate CA in the forest) to a VM, and then >> > upgrade >> > the server to Windows 2003 R2. Are there any caveats to an in place >> > upgrade >> > of this type? I will have to change the ip address, but the name of >> > the >> > server will stay the same. Is there any problems with this? Also, >> > when I do >> > the in place upgrade does it automatically detect that certificate >> > services >> > is installed and upgrade the certificate database without having to do >> > anything else? Currently, all of 3 DC's in this child domain are >> > Windows >> > 2003. Any help or advice would be greatly appreciated, as I haven't >> > gone >> > through an upgrade of this type. Thanks in advance.</span> >> >> Ignore Dan, he tries to insert himself into threads even when he has no >> idea what he's talking about, as is the case here. >> An in-place upgrade from 2000 to 2003 will work just fine and Certificate >> Services will be upgraded along with the rest of the OS bits. >> Keep in mind however, that you don't get to take full advantage of all of >> the new Certificate Services features in 2003 unless your CA is running >> the >> Enterprise or Datacentre Edition SKU. >> -- >> Paul Adare >> MVP - Identity Lifecycle Manager >> http://www.identit.ca >> That does not compute. >> </span></span> Quote
Guest Dan Posted August 28, 2008 Posted August 28, 2008 Thanks Brian. As you can see Mark Bohlsen my questions were relevant because it helped you to explain what you wanted to do and Paul has given his thoughts and now clearer heads prevail again with Brian Komar whose response is clear cut and shows that unless you have Enterprise or Data Center SKu's you will only gain newer bits. As we all can see, Brian Komar, mvp has cleared away the confusion of the situation and now Mark Bohlsen can make a better decision in how Mark would like to proceed and going to newer software does not always mean that the huge investment return on the newer software is worth the cost. Remember, Microsoft even has over 100+ pages about properly securing and safeguarding Windows 98 and Windows NT computers available from their website. "Brian Komar (MVP)" wrote: <span style="color:blue"> > - No issuance of certificates based on version 2 certificate templates = no > customized certificates- > - No key archival and recovery > - No autoenrollment of user certificates for deployment > - Can only issue version 1 certificates using Automatic Certificate Request > Services for computer certificates > > To be honest, you pretty much gain nothing moving from Windows 2000 to > Windows 2003 if you do not run on Enterprise or Data Center Edition SKUs. > The only thing you gain is newer bits > Brian > > > "Mark Bohlsen" <MarkBohlsen@discussions.microsoft.com> wrote in message > news:157E9980-A8A6-4162-8351-BE668CCB06EB@microsoft.com...<span style="color:green"> > > Paul, > > > > Thanks for the response. Dan had me worried, I was hoping that wasn't > > going > > to be an attempt to answer my question. Anyway, I was wondering if you > > could > > expand on the 2003 features that I would be missing out on if I went with > > 2003 standard edition. Thanks in advance. > > > > Mark > > > > "Paul Adare - MVP" wrote: > ><span style="color:darkred"> > >> On Tue, 26 Aug 2008 12:52:27 -0700, Mark Bohlsen wrote: > >> > >> > 3Hi, I plan to migrate my existing Windows 2000 physical server running > >> > certificate services (subordinate CA in the forest) to a VM, and then > >> > upgrade > >> > the server to Windows 2003 R2. Are there any caveats to an in place > >> > upgrade > >> > of this type? I will have to change the ip address, but the name of > >> > the > >> > server will stay the same. Is there any problems with this? Also, > >> > when I do > >> > the in place upgrade does it automatically detect that certificate > >> > services > >> > is installed and upgrade the certificate database without having to do > >> > anything else? Currently, all of 3 DC's in this child domain are > >> > Windows > >> > 2003. Any help or advice would be greatly appreciated, as I haven't > >> > gone > >> > through an upgrade of this type. Thanks in advance. > >> > >> Ignore Dan, he tries to insert himself into threads even when he has no > >> idea what he's talking about, as is the case here. > >> An in-place upgrade from 2000 to 2003 will work just fine and Certificate > >> Services will be upgraded along with the rest of the OS bits. > >> Keep in mind however, that you don't get to take full advantage of all of > >> the new Certificate Services features in 2003 unless your CA is running > >> the > >> Enterprise or Datacentre Edition SKU. > >> -- > >> Paul Adare > >> MVP - Identity Lifecycle Manager > >> http://www.identit.ca > >> That does not compute. > >> </span></span> > </span> Quote
Guest Brian Komar \(MVP\) Posted August 28, 2008 Posted August 28, 2008 Huh????? Not sure where you read all of this into my answer. Brian "Dan" <Dan@discussions.microsoft.com> wrote in message news:2AF4D144-1C68-4EB0-BEA0-24C15C184D78@microsoft.com...<span style="color:blue"> > Thanks Brian. As you can see Mark Bohlsen my questions were relevant > because > it helped you to explain what you wanted to do and Paul has given his > thoughts and now clearer heads prevail again with Brian Komar whose > response > is clear cut and shows that unless you have Enterprise or Data Center > SKu's > you will only gain newer bits. As we all can see, Brian Komar, mvp has > cleared away the confusion of the situation and now Mark Bohlsen can make > a > better decision in how Mark would like to proceed and going to newer > software > does not always mean that the huge investment return on the newer software > is > worth the cost. Remember, Microsoft even has over 100+ pages about > properly > securing and safeguarding Windows 98 and Windows NT computers available > from > their website. > > "Brian Komar (MVP)" wrote: ><span style="color:green"> >> - No issuance of certificates based on version 2 certificate templates = >> no >> customized certificates- >> - No key archival and recovery >> - No autoenrollment of user certificates for deployment >> - Can only issue version 1 certificates using Automatic Certificate >> Request >> Services for computer certificates >> >> To be honest, you pretty much gain nothing moving from Windows 2000 to >> Windows 2003 if you do not run on Enterprise or Data Center Edition >> SKUs. >> The only thing you gain is newer bits >> Brian >> >> >> "Mark Bohlsen" <MarkBohlsen@discussions.microsoft.com> wrote in message >> news:157E9980-A8A6-4162-8351-BE668CCB06EB@microsoft.com...<span style="color:darkred"> >> > Paul, >> > >> > Thanks for the response. Dan had me worried, I was hoping that wasn't >> > going >> > to be an attempt to answer my question. Anyway, I was wondering if you >> > could >> > expand on the 2003 features that I would be missing out on if I went >> > with >> > 2003 standard edition. Thanks in advance. >> > >> > Mark >> > >> > "Paul Adare - MVP" wrote: >> > >> >> On Tue, 26 Aug 2008 12:52:27 -0700, Mark Bohlsen wrote: >> >> >> >> > 3Hi, I plan to migrate my existing Windows 2000 physical server >> >> > running >> >> > certificate services (subordinate CA in the forest) to a VM, and >> >> > then >> >> > upgrade >> >> > the server to Windows 2003 R2. Are there any caveats to an in place >> >> > upgrade >> >> > of this type? I will have to change the ip address, but the name of >> >> > the >> >> > server will stay the same. Is there any problems with this? Also, >> >> > when I do >> >> > the in place upgrade does it automatically detect that certificate >> >> > services >> >> > is installed and upgrade the certificate database without having to >> >> > do >> >> > anything else? Currently, all of 3 DC's in this child domain are >> >> > Windows >> >> > 2003. Any help or advice would be greatly appreciated, as I haven't >> >> > gone >> >> > through an upgrade of this type. Thanks in advance. >> >> >> >> Ignore Dan, he tries to insert himself into threads even when he has >> >> no >> >> idea what he's talking about, as is the case here. >> >> An in-place upgrade from 2000 to 2003 will work just fine and >> >> Certificate >> >> Services will be upgraded along with the rest of the OS bits. >> >> Keep in mind however, that you don't get to take full advantage of all >> >> of >> >> the new Certificate Services features in 2003 unless your CA is >> >> running >> >> the >> >> Enterprise or Datacentre Edition SKU. >> >> -- >> >> Paul Adare >> >> MVP - Identity Lifecycle Manager >> >> http://www.identit.ca >> >> That does not compute. >> >></span> >> </span></span> Quote
Guest Paul Adare - MVP Posted August 28, 2008 Posted August 28, 2008 On Thu, 28 Aug 2008 03:39:03 -0700, Dan wrote: <span style="color:blue"> > Thanks Brian. As you can see Mark Bohlsen my questions were relevant because > it helped you to explain what you wanted to do</span> Your question was completely irrelevant and you don't have the faintest idea as to what is being discussed in this thread. <span style="color:blue"> > and Paul has given his > thoughts</span> I did not give my thoughts, I answered the question. <span style="color:blue"> > and now clearer heads prevail again with Brian Komar whose response > is clear cut and shows that unless you have Enterprise or Data Center SKu's > you will only gain newer bits.</span> Again, you don't have a clue what you're talking about. Clearer heads? Mark asked for additional information which Brian provided as he got to the question before I did. This isn't a competition. <span style="color:blue"> > As we all can see, Brian Komar, mvp has > cleared away the confusion of the situation and now Mark Bohlsen can make a > better decision in how Mark would like to proceed and going to newer software > does not always mean that the huge investment return on the newer software is > worth the cost. Remember, Microsoft even has over 100+ pages about properly > securing and safeguarding Windows 98 and Windows NT computers available from > their website.</span> Would you please stop parroting the above. You're simply showing your lack of knowledge and experience and you're certainly not helping anyone, quite the contrary. -- Paul Adare MVP - Identity Lifecycle Manager http://www.identit.ca Conversational mode: Describes the typical office the day after a major sporting event. Quote
Guest Paul Adare - MVP Posted August 28, 2008 Posted August 28, 2008 On Thu, 28 Aug 2008 08:43:54 -0500, Brian Komar (MVP) wrote: <span style="color:blue"> > Huh????? > Not sure where you read all of this into my answer.</span> You need to read some of Dan's other posts, they'd be funny if the subject weren't so serious and if they weren't so consistently wrong, rambling, off-topic, and misleading. -- Paul Adare MVP - Identity Lifecycle Manager http://www.identit.ca Transistor: A sibling, opposite of transbrother. Quote
Guest Dan Posted August 29, 2008 Posted August 29, 2008 From the folks at Microsoft and over 100 pages! --- [PPT] Threat Mitigation for Windows 98 and Windows NT 4.0File Format: Microsoft Powerpoint - View as HTML Securing Windows NT Networks: What Are the Challenges? Guarding systems against attacks: .... Windows 98 network security can be improved by: ... download.microsoft.com/.../Threat_Mitigation%20for_Windows_98_and_Windows_NT4.ppt - Similar pages "Paul Adare - MVP" wrote: <span style="color:blue"> > On Thu, 28 Aug 2008 03:39:03 -0700, Dan wrote: > <span style="color:green"> > > Thanks Brian. As you can see Mark Bohlsen my questions were relevant because > > it helped you to explain what you wanted to do</span> > > Your question was completely irrelevant and you don't have the faintest > idea as to what is being discussed in this thread. > <span style="color:green"> > > and Paul has given his > > thoughts</span> > > I did not give my thoughts, I answered the question. > <span style="color:green"> > > and now clearer heads prevail again with Brian Komar whose response > > is clear cut and shows that unless you have Enterprise or Data Center SKu's > > you will only gain newer bits.</span> > > Again, you don't have a clue what you're talking about. Clearer heads? Mark > asked for additional information which Brian provided as he got to the > question before I did. This isn't a competition. > <span style="color:green"> > > As we all can see, Brian Komar, mvp has > > cleared away the confusion of the situation and now Mark Bohlsen can make a > > better decision in how Mark would like to proceed and going to newer software > > does not always mean that the huge investment return on the newer software is > > worth the cost. Remember, Microsoft even has over 100+ pages about properly > > securing and safeguarding Windows 98 and Windows NT computers available from > > their website.</span> > > Would you please stop parroting the above. You're simply showing your lack > of knowledge and experience and you're certainly not helping anyone, quite > the contrary. > > -- > Paul Adare > MVP - Identity Lifecycle Manager > http://www.identit.ca > Conversational mode: Describes the typical office the day after a major > sporting event. > </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.