Before you can install KMS on an Exchange 2000 server, you must
install Windows 2000 Server in your Exchange organization.
Certificate Services becomes your organization's
Important When installing Certificate Services to use with KMS, Microsoft recommends changing the Valid for field in the CA Identifying Information screen to five years. This is the amount of time before your CA certificate expires. Your CA cannot issue certificates that are valid beyond the period of its own certificate expiration. For administrative purposes, it is better to have a CA certificate that is valid for at least five years.
Certificate Services will also track and maintain
This section provides information on installing KMS, as well as related procedures you must perform before, during, and after installation.
Note Exchange 2000
The installation procedure below is just one necessary step you must take to deploy KMS in your organization. The following table illustrates additional procedures that must be performed at different points during the KMS installation:
|Procedure||When to Perform It|
|Install Exchange Certificate Templates||After installing Certificate Services, and before installing KMS.|
|Select the Startup Password Location||During Exchange/KMS installation.|
|Grant Manage Rights to the Key Management Server||After KMS is installed, before requesting certificates from Certificate Services.|
To install KMS:
Important Make sure you also select Install next to Microsoft Exchange System Management Tools. by default, this is installed with a Typical installation, but not with a Custom installation.
Note If you want to install KMS on a computer currently running Exchange 2000, insert the Exchange CD and start the Microsoft Exchange 2000 Installation Wizard again. In the Component Selection window, select Change next to Microsoft Exchange 2000. Select Install next to Microsoft Exchange Key Management Service, and then click Next.