Академический Документы
Профессиональный Документы
Культура Документы
Abstract
This step-by-step guide provides instructions for setting up a test environment for
creating and deploying Active Directory Rights Management Services (AD RMS) rights
policy templates on the Windows Server® Code Name "Longhorn" operating system.
This document supports a preliminary release of a software product that may be changed
substantially prior to final commercial release, and is the confidential and proprietary
information of Microsoft Corporation. It is disclosed pursuant to a non-disclosure
agreement between the recipient and Microsoft. This document is provided for
informational purposes only and Microsoft makes no warranties, either express or
implied, in this document. Information in this document, including URL and other Internet
Web site references, is subject to change without notice. The entire risk of the use or the
results from the use of this document remains with the user. Unless otherwise noted, the
example companies, organizations, products, domain names, e-mail addresses, logos,
people, places, and events depicted herein are fictitious, and no association with any real
company, organization, product, domain name, e-mail address, logo, person, place, or
event is intended or should be inferred. Complying with all applicable copyright laws is
the responsibility of the user. Without limiting the rights under copyright, no part of this
document may be reproduced, stored in or introduced into a retrieval system, or
transmitted in any form or by any means (electronic, mechanical, photocopying,
recording, or otherwise), or for any purpose, without the express written permission of
Microsoft Corporation.
Active Directory, Microsoft, MS-DOS, Vista, Windows, Windows NT, and Windows Server
are either registered trademarks or trademarks of Microsoft Corporation in the
United States and/or other countries.
Contents........................................................................................................................ .....3
Creating and Deploying Active Directory Rights Management Services Rights Policy
Templates Step-by-Step Guide ......................................................... .................4
About this Guide......................................................................................... ....................4
What This Guide Does Not Provide..................................................................... ........4
Deploying AD RMS in a Test Environment.............................................................. ........5
Once complete, you can use the test lab environment to assess how AD RMS rights
policy templates can be created with Microsoft Windows Server® Code Name "Longhorn"
and deployed within your organization.
The test environment described in this guide includes three computers connected to a
private network and using the following operating systems, applications, and services:
The computers form a private intranet and are connected through a common hub or
Layer 2 switch. This configuration can be emulated in a virtual server environment if
desired. This step-by-step exercise uses private addresses throughout the test lab
configuration. The private network ID 10.0.0.0/24 is used for the intranet. The domain
controller is named CPANDL-DC for the domain named cpandl.com.
Note
The AD RMS service account must have Write access to the rights policy
template shared folder in order for the rights policy template export function to
work correctly.
7
To create a shared folder for the AD RMS rights policy templates and set appropriate
permissions for the AD RMS service account, do the following:
2. Click Start, click Computer, and then double-click Local Disk (C:).
6. Select the Share this Folder check box, and then click Permissions.
7. Click Add, in the Enter the object names to select box type
CPANDL\ADRMSSRVC, and then click OK.
9. Click OK twice.
11. Click Add, in the Enter the object names to select box type
CPANDL\ADRMSSRVC, and then click OK.
Alternatively, the templates can be copied from the shared folder to the client computers.
This enables the templates to be used when users are not connected to the network,
such as when traveling with a laptop or from another mobile device. Because the most
common deployment is to copy the templates to the client computers, this is the
approach explained in this guide.
3. In the Tasks box in the Results pane, click Manage rights policy
templates.
7. Click Add.
8. In the Language list, choose the appropriate language for the rights
policy template.
policy template.
This guide assumes that an AD RMS cluster is already configured in a test environment.
Additionally, extra configuration is required on the AD RMS client workstation so that the
rights policy templates are accessible. To make the AD RMS rights policy templates
accessible, you must copy the AD RMS rights policy templates to the client computer and
create a registry entry that points to the location of the rights policy templates.
8. Click OK twice.
In order for the AD RMS client computer to locate the templates, you must add a registry
entry and copy the AD RMS rights policy templates locally. To do this, you must complete
the following steps before rights-protecting a document:
2. Click Start, type regedit.exe in the Start Search box, and then click the
10
HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\DRM
Note
If DRM was not already created as a part of the key, you must create it
manually.
4. Select DRM, click Edit, point to New, click Expandable String Value,
and then type AdminTemplatePath.
Note
Copying the AD RMS rights policy templates to the client computer is not
required if the rights policy templates do not have to be available offline.
2. Click Start, click All Programs, click Microsoft Office, and then click
Microsoft Office Word 2007.
5. Click the Microsoft Office button, click Save As, and then save the file
as \\ADRMS-DB\public\ADRMS-TST.docx.
2. Click Start, point to All Programs, point to Microsoft Office, and then
click Microsoft Office Word 2007.
4. Click OK.
5. When the document opens, click the Microsoft Office button. Notice that
the Print option is not available.
6. Click View Permission in the message bar. You should see that
AD RMS rights policy template has been applied to this document.
12
You have successfully deployed and demonstrated the rights templates policy feature of
AD RMS, using the simple scenario of applying a rights policy template to a Microsoft
Word 2007 document. You can also use this deployment to explore some of the
additional capabilities of AD RMS through additional configuration and testing.