It's a Windows 2000 single forest domain and all users have e-mail addresses of firstname.lastname@example.org. Apparently, this was doable with Exchange 5.5, but not with Exchange 2000. I installed a certificate on the "master" Exchange 2000 server and it works fine, but users whose mailboxes reside on the second server can't use it.
There are two pieces of good news I can give you. One is that certificates for your Exchange servers do not have to cost a fortune. You can shop around for cheaper third-party certificate authorities (CA), or you can even configure one of your existing servers in your domain as a Windows CA. The other good news is that the Standard Edition of Exchange Server 2003 can be used as front-end servers. This is significantly cheaper then the Enterprise Edition that we were required to use with Exchange 2000 Server. And, front-end server hardware generally does not cost nearly has much as back-end servers, because there are virtually no disk storage requirements beyond the OS and the Exchange application. Finally, Exchange 2003 front-end servers are backwards compatible with Exchange 2000 back-end servers.
Do you have comments on this Ask the Expert question and response? Let us know.
This was first published in February 2005