Administrators use Key Manager to specify which domain accounts can access Key Manager, to access and modify Key Manager settings, and to perform actions such as recovering keys and revoking certificates. Passwords to access the Key Manager Properties dialog box are different from the password you may have created to start the Key Management Service.
By default, the only account with access to Key Manager is the Exchange Administrator account used to run Exchange 2000 Setup. You can add additional administrators to the list. By default, the initial Key Manager password for your Key Management Service administrators is "password". When you grant access for the additional administrators, they can change their Key Manager passwords using the Key Manager Properties dialog box.
Important As with any password, ensure that your administrators record and store their Key Manager passwords in a secure location. Also, because Key Manager passwords are associated with Active Directory user accounts, you must restore the Active Directory database before Key Management Service administrators can access the Key Manager Properties dialog box.
To open the Key Manager Properties dialog box
- Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
- In Exchange System Manager, in the console tree, expand Administrative Groups, and then expand the administrative group that contains the Key Manager node you want to open.
- Click Advanced Security
.
The Key Manager object
- In the details pane, right-click Key Manager, and then click Properties.
- To provide credentials to access Key Manager Properties, perform one of the following tasks:
- If you specified that you type a password to start Key Management Service, type your Key Management Service login password
- If you specified that your Key Management Service password be read from a floppy or hard disk, ensure that you can access that disk.
The Key Management Service Login dialog box
- To specify which Windows 2000 accounts have permission to administer Key Management Service, in Key Manager Properties, click the Administrators tab, and then modify the appropriate settings.
The Administrators tab in the Key Manager Properties dialog box
The information in this article applies to:
- Microsoft Exchange Server 2003 Enterprise Edition
- Microsoft Exchange Server 2003 Standard Edition
- Microsoft Windows Small Business Server 2003, Premium Edition
- Microsoft Windows Small Business Server 2003, Standard Edition
- Microsoft Exchange 2000 Server
