Backing Up the MIIS 2003 Encryption Key
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
You need to regularly back up the encryption key that MIIS 2003 uses to encrypt data and credentials. Failure to back up encryption keys can lead to loss of encrypted data and credentials. To back up the encryption key, use the MIIS Key Management Utility.
The MIIS Key Management Utility has two different user interfaces: command line and a Windows wizard. For most backup and restore operations of the encryption key, the command line interface is sufficient. For more advanced backup operations of the encryption key, for example, to add a new encryption key to the key set or to abandon an existing key set and create a new set, you need to use the MIIS Key Management wizard.
To back up the encryption key, you must be logged on as a member of an MIIS security group and have administrative credentials on the local computer.
To back up the MIIS 2003 encryption key by using the command line
On the server where MIIS 2003 is running, change the directory by typing the following at the command line:
cd %Programfiles%\Microsoft Identity Integration Server\bin
Type the following at the command line to save the encryption key to a floppy disk:
miiskmu /e a:keyback.bin /u miisadmin *
Table 4 Parameters for the Miiskmu Command
Exports the key set to a file.
For the a: drive, specifies the file name in which you are saving the encryption key.
Specifies the MIIS 2003 service account credentials.
Specifies the MIIS service account.
To back up the MIIS 2003 encryption key by using the MIISkmu wizard
Click Start, point to All Programs and Microsoft Identity Integration Server, and then click Key Management Utility.
Follow the instructions in the wizard.
|When using the MIISkmu wizard, you might need to stop the Microsoft Identity Integration Server service in Windows Services in order to enable advanced options.|