Windows 2003 Certificate Server in Windows 2000 domain with Schema upgraded

scottklee_at_msn.com
Date: 01/28/05

• Next message: Blake: "Re: unable to map to any drive"
• Previous message: Sundaram Narayanan[MSFT]: "Re: unable to map to any drive"
• Next in thread: Brian Komar: "Re: Windows 2003 Certificate Server in Windows 2000 domain with Schema upgraded"
• Reply: Brian Komar: "Re: Windows 2003 Certificate Server in Windows 2000 domain with Schema upgraded"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 28 Jan 2005 10:46:37 -0800

Windows 2000 forest with 2 Windows 2000 domains. PKI Infrastructure is
built using Windows 2000 advanced servers.

I had added a Windows 2003 Enterprise server as a member server in the
domain and configured Certificate server service on it.

Windows 2003 certsrv was working fine. Issued machine certs and user
certs.

Now the change introduced:
In preparation to upgrade the Windows 2000 domain to Windows 2003, I
ran "ADPREP /FORESTPREP" on root domain and "ADPREP /DOMAINPREP" on
both root and child domain. Also, since I have Exchange 2000 in the
Windows 2000 forest, I followed KB314649 to avoid the mangled
attributes.
At this point schema is updated so that I can install the first Windows
2003 domain controller. However, we have not yet installed the Windows
2003 domain controller.

Problem:
My certificate issuing servers (Windows 2000) is still working fine.
However, Windows 2003 certificate issuing server is having a problem.
It return error indicating that revocation function failed and
revocation server is offline. However, the revocation server is
online.

Do I have to have a Windows 2003 domain controllers in both root and
child domain for this to work?

Thanks in advance.

Scott.

---

• Next message: Blake: "Re: unable to map to any drive"
• Previous message: Sundaram Narayanan[MSFT]: "Re: unable to map to any drive"
• Next in thread: Brian Komar: "Re: Windows 2003 Certificate Server in Windows 2000 domain with Schema upgraded"
• Reply: Brian Komar: "Re: Windows 2003 Certificate Server in Windows 2000 domain with Schema upgraded"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages SecurityFocus Microsoft Newsletter #154 ... MICROSOFT VULNERABILITY SUMMARY ... ISS RealSecure Server Sensor SSL Denial Of Service Vulnerabi... ... Roger Wilco Remote Server Side Buffer Overrun Vulnerability ... available for Microsoft Windows operating systems. ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #49 ... Subject: SecurityFocus Microsoft Newsletter #49 ... Microsoft Windows NNTP Denial of Service Vulnerability ... Microsoft IIS SSI Buffer Overrun Privelege Elevation Vulnerability ... Microsoft ISA Server H.323 Memory Leak Denial of Service... ... (Focus-Microsoft) ~~~~~~~~~~~~~~ CANNOT FIND ~~~~~~~~~~~~~~ ... acrobat cannot find external windows handler ... activesync cannot find exchange server ... aol internet explorer cannot find server ... brother network scanner cannot find pc ... (sci.geo.fluids) ~~~~~~~~~~~~~~~ CANNOT FIND ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... cannot find server or dns error ... windows cannot find null ... windows cannot find the network path ... cannot find internet explorer on computer ... (comp.protocols.snmp) Questions Relating to Administering Windows 2000 Server ... installed the network client on the target computer. ... Sarah has been attempting to install Windows 2000 ... Server for two days. ... Sarah has checked the cables and hard drives. ... (microsoft.public.cert.exam.mcse)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.windows.server.security  > 2005-01