It's time to set up the AD RMS server role on our Windows Server 2008. We will use the Server Manager console to add the AD RMS role to our domain controller. The first server in an AD RMS environment is the root cluster. An AD RMS root cluster is composed of one or more AD RMS servers configured in a load-balancing environment.
Registering the AD RMS service connection point (SCP) requires that the installing user account be a member of the AD Enterprise Admins group.
Note: After the installation is complete, the ADRMSADMIN account should be removed from the Enterprise Admins group. Also, you can use the built-in Administrator account to install AD RMS, but it is recommended to create an AD RMS admin account.
To install the AD RMS role, start the Server Manager console, select Roles and click the add new role option. Select Active Directory Rights Management Services and click Next. The Role Services page should appear, and the services that should be marked for installation are: Web Server (IIS), Windows Process Activation Service (WPAS), and Message Queuing.
Select the database server that you wish to use (either a local or a remote SQL server), select the default instance and click Validate. Specify an account and enter its password. On the next page, ensure that “Use AD RMS centrally managed key storage” is selected and click Next.
Select Default Web Site for the AD RMS web site location, select the “Use SSL-encrypted connection (https://)” option, type the AD RMS server name in the FQDN field and then click Validate. After you validate your web server, click “Choose an existing certificate for SSL encryption” and select the certificate that has been imported for this AD RMS cluster. Click Next.
Select a friendly name for the AD RMS cluster and click Next.
Make sure that the “Register the AD RMS service connection point now” option is selected and click Next to register it. Click Next 2 more times and then click Install.
Log off and then log on again so that the account used to install AD RMS recreates its token.
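A post-install check for the two points above that matter most for security: that the SCP was registered with an HTTPS URL, and that ADRMSADMIN has been taken back out of Enterprise Admins. This is an added example, not part of the original post; it assumes the English group name, a single-domain forest, and the SCP at its usual location under the Services container of the configuration partition.

```powershell
# Added example, not from the original post. Read-only unless $RemoveFromGroup is $true.
$InstallAccount  = 'ADRMSADMIN'         # account name used in the post
$GroupName       = 'Enterprise Admins'  # assumption: English group name
$RemoveFromGroup = $false               # set to $true to remove the account

$rootDse  = [ADSI]'LDAP://RootDSE'
$configNc = [string]$rootDse.configurationNamingContext
$rootNc   = [string]$rootDse.rootDomainNamingContext

# 1. Is the AD RMS service connection point registered, and over HTTPS?
$scpPath = "LDAP://CN=SCP,CN=RightsManagementServices,CN=Services,$configNc"
if ([System.DirectoryServices.DirectoryEntry]::Exists($scpPath)) {
    $scp = [ADSI]$scpPath
    $url = [string]$scp.serviceBindingInformation
    Write-Output "SCP registered: $url"
    if ($url -notmatch '^https://') {
        Write-Warning 'SCP URL is not HTTPS; the post selects the SSL-encrypted connection.'
    }
} else {
    Write-Warning "No SCP found at $scpPath"
}

# 2. Is the install account still a direct member of Enterprise Admins?
# Assumption: single-domain forest, so the account and the group are in the root domain.
$searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]"LDAP://$rootNc")
$searcher.Filter = "(&(objectCategory=group)(sAMAccountName=$GroupName))"
$group = $searcher.FindOne()
$searcher.Filter = "(&(objectCategory=person)(sAMAccountName=$InstallAccount))"
$user = $searcher.FindOne()

if (-not $group -or -not $user) {
    Write-Warning "Could not find group '$GroupName' or account '$InstallAccount'."
} else {
    $userDn = [string]$user.Properties['distinguishedname'][0]
    if (@($group.Properties['member']) -contains $userDn) {
        Write-Warning "$InstallAccount is still a member of $GroupName."
        if ($RemoveFromGroup) {
            $entry = $group.GetDirectoryEntry()
            $entry.psbase.Invoke('Remove', "LDAP://$userDn")
            Write-Output "Removed $InstallAccount from $GroupName."
        }
    } else {
        Write-Output "$InstallAccount is not a direct member of $GroupName."
    }
}
```

The membership test only covers direct membership; an account that reaches Enterprise Admins through a nested group will not be flagged.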
Administration of AD RMS is done through the Active Directory Rights Management Services console, which can be started from Administrative Tools or from the Server Manager console.
Next time, I will show you how to test your AD RMS installation and configuration.