ADD ECAL

kmwestergaard
kmwestergaard used Ask the Experts™
on
We have been operating for the last year with exchange 2010 but just purchased our ECAL. How do I add the new keys to my exchange servers?
Thanks,
Kristin
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
tigermattSite Reliability Engineer
Most Valuable Expert 2011

Commented:

First things first, any licensing advice you receive from someone on a bulletin board is that person's opinion only. It won't stand up in a licensing audit or court of law, so you are always best to check what you hear with MS direct.

With that out the way, you don't need to tell Exchange about any CAL packages. CALs in Microsoft's latest products (Terminal Server Licensing not withstanding) are an honour system. You need to have the physical licensing filed in the event of an audit, but the server itself doesn't track the CAL licenses. It won't stop working if you don't have enough; you would simply be breaking the licensing terms with all the legal repercussions which may follow.

-Matt

Author

Commented:
Thanks for your response! I understand that I can still use the archives without entering the ECAL, but I was worried that there would be a certificate error or something along those lines the users would see.
Site Reliability Engineer
Most Valuable Expert 2011
Commented:

No, not for licensing. It's truly an honour based licensing system, and nothing more. Certificates are not tied up with licensing but are a mechanism for encrypting data to and from your Exchange Servers; a certificate error won't appear provided the three golden rules for certificates are met:

The certificate is in date. It cannot have expired or not yet be valid.
The hostname used to access a resource is listed on the certificate. For example, you need at least owa.domain.com and autodiscover.domain.com, and then you have to configure your Autodiscover internal SCP and internal URLs to use those. If a user went to servername.domain.local, and that wasn't listed in the certificate, you would see an error.
The certificate's chain of trust must be traced back to a trusted root certification authority, such as the root CAs used by the likes of Verisign, Thawte, GoDaddy etc.

-Matt

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial