
Moving Users from One KM Server to Another

It is recommended that you do not move users from one KM Server to another because of the critical information kept in the key management database. The key management database is unique to each KM server. Moving users to another KM server can cause mail authentication and encryption errors if user security keys are lost. User security keys cannot be recovered if the user is moved to a new KM server.

The following scenarios describe the result of configuring and moving users to another KM server.

Scenario: Single upgrade of a KM server in an organization, with no installation of additional KM servers.
Result: All sites continue to point to the single KM server that has been upgraded. The information kept in the key management database remains intact, so there is no risk of authentication and encryption errors occurring, or of loss of user security keys.

Scenario: Single upgrade of a KM server in an organization, with the installation of additional KM servers in the organization.
Result: All users in the site now point to the new KM server and must be enrolled in advanced security for the new KM server. Because the key management database is unique to each KM server and contains the security key history of all the users, the users pointing to the new KM server lose their ability to recover security keys from the KM server they were previously pointing to. This can result in mail that was encrypted with the user's previous security keys becoming unreadable.

Scenario: Clean installation of KM servers in an organization (no upgrade).
Result: No key management databases have been established for the KM servers, so there is no potential for users to lose recovery of their security keys.

Scenario: Clean installation of an extra KM server in a new site.
Result: The site is new, so there is no need to move users.

If you want to move users to a new KM server despite the risk of losing the ability to recover security keys, you should encourage all users moving to the new KM server to use the Bulk Advanced Security tool (Sectool.exe) first. This tool decrypts all mail for a user. After moving to the new KM server, users can encrypt all their mail again with the keys issued by the new server.

For information about enabling KM servers in additional sites, see "Enabling Additional Sites to Use the KM Server" earlier in this chapter.

For more information about using the Bulk Advanced Security tool, see Help for the Microsoft Exchange Server Resource Kit Tools (Exchtool.hlp) that is included on the Microsoft BackOffice Resource Kit: Part One compact disc.