Active Directory Right Management Services: Installation and Configuration

Preparation of the environment

Before we start installing the AD RMS role, we will prepare the environment.

Creating a group for super users

To overcome a user error on the application of rights, it is possible to configure in AD RMS a super-admin group that has the ability to edit all files.

From the Active Directory Users and Computers console, create a group by specifying a 1 email address.
ADRMS - Super user group

Then add the person (s) who will be able to access all the documents.

Service account for the AD RMS cluster

During post-installation configuration and the creation of the AD RMS cluster, a service account must be configured. Always using the Active Directory Users and Computers console, create a standard user account whose password never expires.
AD RMS - Service Account

A network share

Create a network share that is readable by everyone and in total control by the service account. This sharing goes XML export service of rights strategy templates.

Network share

DNS registration

Create a DNS record for the cluster name that points to the expected server’s IP role.

AD RMS Record DNS

Certificate for the cluster

If you have a certification authority, provide a certificate on behalf of the AD RMS cluster.

Requesting a certificate for the AD RMS cluster IIS certificate installed

SQL Server

If you want to add multiple AD RMS servers in the cluster, you need to provide a SQL Server instance





Related Posts


Bitlocker : store recovery password in Active Directory

SommairePresentationPrerequisitesConfigure password recording in Active DirectoryInstall functionality to view recovery passwords in Active DirectoryConfiguring Group Policy (GPO) for Bitlocker Linkin

Active directory: Delete a child domain

In the article Active directory: setting up a child domain where I explain how to configure a child domain in an Active Directory environment, I will explain here how to delete a child domain. As a re

Apply a GPO to an Active Directory Group

IntroductionPrerequisitesApply a strategy to a groupConclusion Introduction In this article, I will explain how to apply a Group Policy (GPO) to an Active Directory group that contains multiple users.