In Exchange 2000, KMS uses many benefits of the Windows 2000 operating system. In particular, KMS uses Windows 2000 Server Certificate Services as its CA. The Windows 2000 operating system handles certificate issuance and revocation, as well as CTL maintenance.
Note For compatibility with
Outlook 97 and earlier clients, KMS will continue to issue
A new benefit of Certificate Services is that KMS can now use any Certificate Services server in your organization. If one server is busy, KMS can enroll a user through another. Although KMS has to use Certificate Services as its CA, Certificate Services can be configured as a subordinate of any third-party CA.
Note You cannot install KMS until you install Certificate Services.
Another Windows 2000 feature utilized by KMS are
Note Active Directory provides several additional advantages for KMS, including the ability to enroll users in Advanced Security by user or by specific groups. Per-user security functions can also be configured. Active Directory provides administrative flexibility to KMS.