Active Directory Right Management Services: Installation and Configuration

Rights Strategy Templates

In this part, we will see how to create rights policy templates in the AD RMS Administration Console.

A template contains a set of rights that allows users to quickly apply permissions.

To illustrate the use of a template, we will give the read permission to an Active Directory user group.

Once the template is applied to the document, only group members will be able to view the document for reading.

Creating a template

Create a group in the Active Directory with an e-mail address and add members.
AD RMS - Group for template AD RMS - Group for template

From the AD RMS Services Administration Console, go to Distributed Rights Policy Models 1 and click Create Distributed Rights Policy Template 2 .
New template

When launching the wizard, click Add 1 to configure one or more languages.
Add language for template AD RMS

Select and configure language 1 and click on Add 2 .
Add language for template AD RMS

Now that the language is set, click Next 1 .
Language added

This page allows you to configure the permissions, click on the button Add 1 .
Add group

Enter the e-mail address of the user or group to whom the rights will apply 1 and click OK 2 .
Email for template

It is possible to create a generic template by checking Everyone.

Configure the 1 permissions then click Next 2 .
Setting permissions

Leave check the box Grant the total control to the owner (author) without expiry date, if this one is not checked and that the creator is mistaken in applying the authorizations, it will be impossible to modify its file .

Configure the content expiration if necessary 1 as well as the license 2 and click Next 3 .
Expiration configuration

The license of use is the authorization given by the server to a user to exploit the document.

If necessary, modify the advanced options of the strategy, click Next 1 .
AD RMS Rights

Click on Finish 1 to create for the strategy.
Validate the strategy

Revocation invalidates a user license before it expires.

The model is now available 1 .
Model added

Configuring the location of files

From the template view, click Change the location of the Distributed Rights Policy Template file 1 .
Edit folder template

Check the Enable export 1 box, enter the UNC 2 path of the configured share and click Apply 3 .

Once the location is defined 1 click on OK 2 .
Folder configured

We now see that the location is set 1 .
AD RMS Templates

We can see the folder contains the model configured in XML format.
AD RMS - export template

Use of templates

The operation is the same as a Restricted Access, just select the template to apply it to the document.
AD RMS application of a template AD RMS application of a template


How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

No votes so far! Be the first to rate this post.

We are sorry that this post was not useful for you!

Let us improve this post!



Related Posts


GPO: Managing Windows Firewall Rules
Presentation In this tutorial, we will see how to add rules to the Windows Firewall using Group Policy. For information, the Windows Firewall has been implemented in the Windows operating system with service pack 2 (SP2) of Windows XP. It is now part

Azure AD Connect: Installing and configuring synchronization
Azure AD Connect Overview In this article, I will explain how to install and configure Azure AD Connect. This solution allows you to synchronize your local directory (AD) to the Azure platform and use the same user accounts. In the following procedur

Remove an Active Directory Domain Controller
In this article, we will see how to remove a domain controller in an Active Directory environment. The deletion is done in two steps: Demote the domain controller: remove the controller configuration. Delete roles. Before downgrading the server, ensu