Microsoft
Microsoftthis guide is not going through all the needed steps for this to work out.
1. Yes you need to do a complete install on a server 2012 r2 before going to a server 2016 or 2019.
and the steps on a server 2012r2 is the same going forward.
!!Important make a copy of the reg file!!! we need 2 of them, that is the best solution.
2. Before you install the CA roles on the new server (2012,16,19...) you need to import the reg entries into the regedit db - BUT you need to remove some of the entries first.
- in the reg file under the first : [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration]
there is 14 items, you need to cut them down to only 4, these in specific:
"LDAPFlags"
"DBFlags"
"WebClientCAName"
"WebClientCAType"
Still with their values in the end of them. the sub folder in the regedit file are still there!!
Save the reg file and execute/merge it into your regedit on the server.
3. now go on an install the CA roles.
service will not start = ok (see event viewer, error/warning = ok for now)
4. restore the CA DB.
5. now execute/merge the backup reg file with all the items in, not the edited file from before.
6. start the CA service
wolla 🙂
quick tip:
If you are going to have the server name changed, you have to change all the entries in the full, and edited reg file by search and replace, before you have them merged/imported into the regedit db.
