Key Management Service – Shutting Down the Old KMS

Just a couple of quick tips from my experience. I kept the original KMS server active, but offline in case I needed a fallback.

1: Disable the KMS service. Seriously, stop it. In fact, burn it with fire as it has a habit of restarting at the most inopportune of times 😛

2: Your old KMS server will still receive requests if it remains in DNS. This isn’t too bad, as when a client cannot get to the KMS server, it will try something else from DNS.

As stated in earlier blogs, use the nslookup ocmmand to find the _VLMCS entries. You *must* have your new KMS servers in DNS!

3: If you’re happy with hte new KMS sevrer(s), then you need to remove DNS publishing and from DNS itself.

This is a great step by article, and really helped me through this process.

Advertisements

Flame on xD

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s