IT tutorials
 
Applications Server
 

Configuring Active Directory Server Roles : Active Directory Rights Management Services

3/19/2014 2:28:35 AM
- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

Active Directory Rights Management Services (AD RMS), included with Microsoft Windows Server 2008, allows administrators or users to determine what access (open, read, modify, etc.) they give to other users in an organization. Access restrictions can improve security for email messages, internal websites, and documents.

NOTE

To secure documents, Microsoft Office 2003 Professional (Word, Excel, PowerPoint, and Outlook) or Microsoft Office 2007 Enterprise, Professional Plus, or Ultimate is required.

You can apply AD RMS usage policy templates directly to confidential information.

You can install AD RMS easily using Server Manager, and you can administer it through the MMC snap-in. These three new administrative roles allow for delegation of AD RMS responsibilities:

  • AD RMS Enterprise Administrators

  • AD RMS Template Administrators

  • AD RMS Auditors

AD RMS is integrated with AD FS, which means that two organizations can share information without needing AD RMS installed in both organizations. Some other advantages of using AD RMS include the following:


Self enrollment

AD RMS server enrollment allows for the creation and signing of a server licensor certificate (SLC). This SLC gives the AD RMS server the right to issue certificates and licenses whenever they are needed.


Active Directory Metadirectory Service (AD MDS)

Microsoft uses an identity management product called Active Directory Metadirectory Service (AD MDS). AD MDS gives systems the tools they need to get identity data from directories and then expose that data through a directory service interface such as LDAP.

AD RMS requires an AD RMS–enabled client. Windows Vista includes the AD RMS client by default. If you are not using Windows Vista or Windows Server 2008, you can download the AD RMS client for previous versions of Windows from Microsoft's Download Center.


Now that you have a basic understanding of what AD RMS does, let's take the next step and install AD RMS. In Exercise 1, we will install AD RMS by using the Server Manager MMC.

Exercise 1: Installing the AD RMS

  1. Open the Server Manager MMC by selecting Start => Administrative Tools => Server Manager.

  2. In the left pane, click Roles. In the Roles Summary section of the right pane, click Add Roles.

  3. At the Select Server Roles screen, click the Active Directory Rights Management Services check box. A dialog box will appear stating that additional services need to be installed. Click the Add Required Role Services button. Then click Next.



  4. On the Introduction To AD RMS screen, click Next.

  5. On the Select Role Services screen, make sure both check boxes (Active Directory Rights Management Server and Identity Federation Support) are checked. Identity Federation Support allows AD RMS to work with AD FS. Click Next.



  6. On the Specify Setup Type screen, choose Use This Server To Create A New AD RMS Cluster. (The other choice will not be available because we are installing the first AD RMS server and must start the cluster.) Click Next.



  7. AD RMS uses a database to store configuration and policy information. At the Set Up Configuration Database screen, choose Use The Database Engine Built Into Windows. (The other option you have is to use a third-party database engine.) Click Next.



  8. On the Specify Service Account screen, you need to choose which service account the AD RMS will use. Chose Network Service Account and click Next. (An AD RMS account will be created to run the services.)

  9. At the Set Up Key Management screen, you decide which type of encryption you will use. Choose Use AD RMS Encryption Mechanism and click Next.



  10. Next you will be asked to enter a password for AD RMS encryption. The AD RMS cluster key password is used to encrypt the AD RMS cluster key that is stored in the AD RMS database. Type P@ssw0rd, confirm it, and the click Next.



  11. On the Select Website screen, leave the default and click Next. AD RMS needs to be hosted in IIS. This will set up a default website for AD RMS.

  12. In the Specify Cluster Address screen, you choose whether to use a secure or a non-secure website. Choose Use A Secure (https://) Cluster Address and click the Validate button. After the address is verified, click Next.



  13. A dialog box appears asking you to put in a friendly name (a name you can use to access the server without knowing the entire UNC path). Leave the default and click Next.

  14. In the Set Up Revocation screen, you can enable a revocation key, a third-party key that you can use to revoke licenses. For this exercise we are not going to use any third-party keys. Click Next.



  15. Next, you have the option to register AD RMS now or later. If you register the server now, AD RMS will take effect immediately. If you register the server later, AD RMS will not work until you register. We will not register during this exercise. Choose Register Later and click Next.



  16. At the Configure Identity Federation Support screen, you specify the name of the web server that Identity Federation will use. Enter the friendly name from step 13 and click the Validate button. The Next button will become available after the server is validated. Click Next.



  17. At the Introduction To IIS screen, click Next.

  18. At the Select Roles Services screen, click Next. This will install all the necessary components for IIS.

  19. At the Confirm Installation Selections screen, verify all your settings and click Install.



  20. The install progress screen will appear. After the install is complete, click Close.

  21. Close the Server Manager MMC.

 
Others
 
- Microsoft Lync Server 2013 : Mediation Server Troubleshooting (part 2) - Synthetic Transactions, Telnet
- Microsoft Lync Server 2013 : Mediation Server Troubleshooting (part 1)
- Microsoft Lync Server 2013 : Mediation Server Administration
- Microsoft Lync Server 2013 : Mediation Server Configuration
- Microsoft Lync Server 2010 : Installing Mediation Server (part 4) - Create Certificates
- Microsoft Lync Server 2010 : Installing Mediation Server (part 3) - Install Lync Mediation Server Components
- Microsoft Lync Server 2010 : Installing Mediation Server (part 2) - Create a Mediation Server Pool
- Microsoft Lync Server 2010 : Installing Mediation Server (part 1) - Hardware Recommendations
- Microsoft Lync Server 2010 : Mediation Server Overview
- Sharepoint 2013 : Creating and editing discussions (part 2) - Edit a discussion you have created
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Technology FAQ
- Is possible to just to use a wireless router to extend wireless access to wireless access points?
- Ruby - Insert Struct to MySql
- how to find my Symantec pcAnywhere serial number
- About direct X / Open GL issue
- How to determine eclipse version?
- What SAN cert Exchange 2010 for UM, OA?
- How do I populate a SQL Express table from Excel file?
- code for express check out with Paypal.
- Problem with Templated User Control
- ShellExecute SW_HIDE
programming4us programming4us