Preparation of the environment
Before we start installing the AD RMS role, we will prepare the environment.
Creating a group for super users
To overcome a user error on the application of rights, it is possible to configure in AD RMS a super-admin group that has the ability to edit all files.
Then add the person (s) who will be able to access all the documents.
Service account for the AD RMS cluster
During post-installation configuration and the creation of the AD RMS cluster, a service account must be configured. Always using the Active Directory Users and Computers console, create a standard user account whose password never expires.
A network share
Create a network share that is readable by everyone and in total control by the service account. This sharing goes XML export service of rights strategy templates.
Create a DNS record for the cluster name that points to the expected server’s IP role.
Certificate for the cluster
If you have a certification authority, provide a certificate on behalf of the AD RMS cluster.
If you do not have an IIS server to generate the certificate, you can do it from the AD RMS server after you install the roles.
If you want to add multiple AD RMS servers in the cluster, you need to provide a SQL Server instance