Active Directory Right Management Services: Installation and Configuration

Preparation of the environment

Before we start installing the AD RMS role, we will prepare the environment.

Creating a group for super users

To overcome a user error on the application of rights, it is possible to configure in AD RMS a super-admin group that has the ability to edit all files.

From the Active Directory Users and Computers console, create a group by specifying a 1 email address.
ADRMS - Super user group

Then add the person (s) who will be able to access all the documents.

Service account for the AD RMS cluster

During post-installation configuration and the creation of the AD RMS cluster, a service account must be configured. Always using the Active Directory Users and Computers console, create a standard user account whose password never expires.
AD RMS - Service Account

A network share

Create a network share that is readable by everyone and in total control by the service account. This sharing goes XML export service of rights strategy templates.

Network share

DNS registration

Create a DNS record for the cluster name that points to the expected server’s IP role.

AD RMS Record DNS

Certificate for the cluster

If you have a certification authority, provide a certificate on behalf of the AD RMS cluster.

Requesting a certificate for the AD RMS cluster IIS certificate installed

SQL Server

If you want to add multiple AD RMS servers in the cluster, you need to provide a SQL Server instance


How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

No votes so far! Be the first to rate this post.

We are sorry that this post was not useful for you!

Let us improve this post!



Related Posts


Active Directory : increase the functional level of the domain and the forest
Presentation The functional level of the domain and forest corresponds to the "version" of your Active Directory environment and allows access to more or fewer features depending on the level of each. Mainly this level change occurs when upgrading to

GPO: Make users administrator of their post
Presentation In this tutorial, we are going to have how to set up a GPO to make the admin domain users of their post. The goal is to add the Domain Users group in the Administrators 1 group of the user station. The Domain Admins group is already a me

Active directory: Delete a child domain
In the article Active directory: setting up a child domain where I explain how to configure a child domain in an Active Directory environment, I will explain here how to delete a child domain. As a reminder, when setting up the child domain, a trust