By default, servers running Configuration Manager 2007 use signed communications when communicating with other sites. The receiving site has a copy of the public key of the sender site. Before it accepts the communication, it tests the authenticity of the source by using the public key of the sender.
|This topic identifies the parameters used for a secure key exchange during a site recovery. For information about when the initial key exchange must be done manually and about how to exchange public keys manually, see How to Manually Exchange Public Keys Between Sites.|
Manual Exchange for Site Recovery
When a site fails, it loses its private/public keys, and new keys are created when the site is recovered. Before communications from the failed site will be accepted by other sites, the new public key of the failed site must be propagated to the other Configuration Manager 2007 sites.
The failed site will also lose its stored copies of the public keys of any other sites. Therefore, it will not accept communications from other sites until it has new copies of the public keys for the other sites.
You can use the following command-line parameters to perform a secure key exchange between parent and child sites during recovery:
- /keyforparent is used to distribute
the new public key to a parent site of the failed site.
- /keyforchild is used to distribute the
new public key to a child site of the failed site.
- /childkeys is used to distribute
public keys from all child sites to the recovering site.
- /parentkeys is used to distribute
public keys from all parent sites to the recovering site.
|If the recovering site is publishing in Active Directory® Domain Services, it publishes its new public key to the Configuration Manager 2007 site object.Any site that receives communications from the failed site tests the authenticity, by using the old public key. If its current copy of the key cannot validate the signature, it queries the Active Directory Global Catalog to see whether it has the latest copy of the public key. If it does not have the latest copy, it gets the latest public key from the Global Catalog, and you do not have to perform this task. Similarly, the failed site gets copies of the public keys of the other sites from the Global Catalog.|