none
How could I make sure encryption key is currently used key for MIIS synchronization service ? RRS feed

  • Question

  • I would like to make sure the key file I found in MIIS server is currently used key.

    How could I make sure encryption key is currently used key for MIIS synchronization service ?

    Wednesday, April 17, 2013 2:36 AM

Answers

  • If I understood you correctly then yes, if that user is used and configured to run only MIIS service the impact will be on MIIS only.


    Patrick Layani

    • Marked as answer by yuuichiro99 Friday, May 17, 2013 11:53 PM
    Monday, April 29, 2013 6:57 PM

All replies

  • Hello,

    I dunno if it's possible to check it but you can re-exported it with the "Synchronization Service Key Management" tool

    Sylvain

    Wednesday, April 17, 2013 12:48 PM
  • Re-exporting key file need to input current service account password ?

    Yes, export utility (miiskmu.exe) will ask you for service account password.

    Why you just dont reset password for sync service?
    Wednesday, April 17, 2013 1:51 PM
  • Yes, you can change the password of the service account. Once changed, you just need to update the properties of the service with the new password. 

    Todd Mollerup, SoftwareIDM.com

    Thursday, April 18, 2013 2:16 PM
  • It depends on if your service account is in the domain or local on the server. If you use a local account, then resetting the password will invalidate the recovery keys and you need to use the encryption key file to reestablish the keys. This is a Windows feature and you see a warning if you try to reset the password. If your service account is in the domain, then it will work fine to reset the password since the domain has access to the recovery keys.

    Saturday, April 20, 2013 4:14 PM
  • Hi,

    Yes. Changing the service account password will allow you to export the key using the new password.


    Patrick Layani

    Tuesday, April 23, 2013 2:21 PM
  • If I understood you correctly then yes, if that user is used and configured to run only MIIS service the impact will be on MIIS only.


    Patrick Layani

    • Marked as answer by yuuichiro99 Friday, May 17, 2013 11:53 PM
    Monday, April 29, 2013 6:57 PM