GOOD2USE Knowledge Network Disaster Recovery for Microsoft Exchange 2000 Server -Preserving the Password Used to Start Key Management Service

Legal Information

PC Knowledge Base -Disaster Recovery for Microsoft Exchange 2000 Server - Preserving the Password Used to Start Key Management Service

Good Knowledge Is Good2Use

Microsoft Exchange Key Management Service requires a password every time it starts; therefore, you should preserve the password. The method you use to preserve the password depends on how you configured Key Management Service. When you install Key Management Service (Key Management Service is an optional component of Exchange 2000 Server Setup) on a server running Exchange 2000, you must specify how Key Management Service receives the password each time it starts. You can specify that the password be manually typed each time the service starts (this is the most secure method), or you can specify that the password be read from a password file that is stored on a floppy or hard disk.

Consider the following information regarding Key Management Service password setup:

If you specify that the password be entered manually each time Key Management Service starts, make sure that you record the password and store it in a safe place. The password you select is displayed only once during Setup.
If you specify that the password be read from a password file stored on a floppy or hard disk each time Key Management Service starts, you need to back up the Kmserver.pwd password file. If you do not back up the Kmserver.pwd file, you will not be able to recover Key Management Service. The Kmserver.pwd file is not backed up as part of a Key Management Service database backup; it is also not included in a Windows backup set. Instead, you must back up the file from the location that you specified during Setup.

You must have a copy of the kmserver.pwd file to restore Key Management Service to a recovery server. It is recommended that you copy the Kmserver.pwd password file to a safe location such as a network share containing the software updates for the server. For more information about software updates, see Software and Firmware Updates.

Tip If you do not remember the location of your Kmserver.pwd file, you can use Regedit to determine the location of that file.
To locate the file, open the registry to

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\KMServer.

The location of the file is included in the string for the MasterPasswordPath registry value. Examine the string for the MasterPasswordPath registry value to find the location of the Kmserver.pwd password file on the server.

The information in this article applies to:

Microsoft Exchange Server 2003 Enterprise Edition
Microsoft Exchange Server 2003 Standard Edition
Microsoft Windows Small Business Server 2003, Premium Edition
Microsoft Windows Small Business Server 2003, Standard Edition
Microsoft Exchange 2000 Server

Search Knowledge Base

Feedback

If you like our web site refer a friend.
Your friends name.	Your friends email address.
Your Name	Your Email Address