I'm having AD on Windows Server 2012 in my test lab , and i was practicing on how to make Single MSA , and the first step was to make the KDS root Key using the command "Add-KdsRootKey –EffectiveTime ((get-date).addhours(-10))" to be effective immediately , and during the test i had to run this command many times as i thought it would replace the KDS root key created , but when i ran this command "Get-KDSRootKey" i found all the root keys i created.
my Question is what is the effect of having many KDS root keys ?
We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Dears,
I'm having AD on Windows Server 2012 in my test lab , and i was practicing on how to make Single MSA , and the first step was to make the KDS root Key using the command "Add-KdsRootKey –EffectiveTime ((get-date).addhours(-10))" to be effective immediately , and during the test i had to run this command many times as i thought it would replace the KDS root key created , but when i ran this command "Get-KDSRootKey" i found all the root keys i created.
my Question is what is the effect of having many KDS root keys ?
and how i can delete them ?
Share this post
Link to post
Share on other sites