This can be done with OpenSSL. This same technique can be used to change Legacy Key Provider types.
WINS is old but still in use in many environments. I upgraded a 2003 domain to 2008 R2 and discovered something about WINS that is worth knowing if you are installing it on a 2008 R2 or newer server.
When you add the WINS feature, it appears to install correctly but some of the server settings are corrupt. Specifically, if you open the server settings and select the ‘Intervals’ tab you will see this:
I ran into a rather obscure Exchange Availability Service behavior that will be of little interest to most. So, if you are not working at a hosting company or have never heard of the ‘msExchQueryBaseDN’ attribute, save yourself some time and skip this post.
The ‘msExchQueryBaseDN’ attribute is used to restrict Outlook Web Access’ (OWA) search for mail enabled objects in Active Directory (when simulating the Global Address List) — or at least that is what it was originally used for. Rather than searching for all mail enabled objects, it will search only a portion of Active Directory. The attribute is usually not set because most Exchange organizations have only one Global Address List – The ‘Default Global Address List’ which contains all mail enabled objects.
If you don’t understand why there would be more than one GAL, stop reading here.