Nino_Bilic, The_Exchange_Team
How does enabling Kerberos Authentication based on the article you referenced in this post impact SMTP relay hosts such as SQL Servers that are using the IIS SMTP relay function to forward messages to the Exchange server?
Same for devices like MultiFunction Printers?
The Kerberos Authentication document doesn't seem to be very clear on whether or not the steps followed just enable the additional option of Kerberos, or if they switch Exchange to only using Kerberos.
Also, by enabling the Kerberos Auth, is it only used for Outlook or Mobile clients connecting on the "internal network" or via VPN, or is it applicable to any HTTP connection "Internal" or "External"?
Finally, while going back over the creation and implementation of the ASA, I also find myself questioning how the "Computer Account" is used. Is it just an alternate account for the Exchange Service Host service to run with?!?
In the steps for setting the Kerberos Auth up (https://learn.microsoft.com/en-us/exchange/architecture/client-access/kerberos-auth-for-load-balanced-client-access?view=exchserver-2019), in the section titled:
"After you've created the account, you have to verify that the account has replicated to all AD DS domain controllers. Specifically, the account must be present on each server running Client Access services that will use the ASA credential."
... that last sentence does not make any sense to me following its preceding sentence. How/Why would a second computer account be present on the mail server (CAS), when to my knowledge, you can only have one Computer account, and AD DCs wouldn't be on the CAS. So, unless that document is saying that the new ASA account is supposed to be in a specific local security group on the CAS server, I'm all confused.
My environment is On-Prem only, only one Exchange server.
Thanks for the clarification, and the refresh of the Best Practices article.