Implementing Active Directory Rights Management Services with Exchange and SharePoint

מק"ט: #50403 | משך קורס: 32 שעות אק'

This four-day instructor-led course provides students with the knowledge and skills to deploy Microsoft Active Directory Rights Management Services (AD RMS), and to understand the role AD RMS plays in a wider infrastructure and how it interacts with other Microsoft technologies.

הקורס פעיל לקבוצות מטעם ארגונים בלבד, ניתן לשלוח פנייה רק אם מדובר בקבוצה
*שדות חובה
PDF version


  • Understand AD RMS architecture, and the role the product plays as part of a wider infrastructure.
  • Understand the AD RMS interaction model with other Microsoft technologies.
  • Install and provision AD RMS and understand installation pre requisites and best practices.
  • Understand how several other Microsoft technologies use AD RMS to protect documents and email messages.
  • Understand how to use AD RMS on server applications such as Microsoft Office SharePoint Server and Microsoft Exchange Server.
  • Create, manage, and distribute rights policy templates as AD RMS administrators.
  • Understand the different trust relationships that can extend AD RMS protection beyond your infrastructure.
  • Troubleshoot common issues in the core infrastructure, product installation, and product usage.

קהל יעד

This course is intended for experienced systems administrators who have working experience and background knowledge of Windows Server 2008, and basic understanding of Active Directory, IIS, Microsoft SQL Server, and Microsoft Exchange Server technologies. Basic knowledge of DNS, general networking, and PKI principles is also helpful.

תנאי קדם

Windows XP, Vista, or Windows Server 2003/2008 basic knowledge


Module 1: Why Rights Management?

This module provides an overview of Microsoft Active Directory Rights Management Services (AD RMS). The overview describes how the product works, the business reasons for using AD RMS, and the technology that you use to deploy an AD RMS environment.

  • A Bit of History
  • Business Reasons for AD RMS
  • What AD RMS Does
  • AD RMS Usage Scenarios
  • AD RMS Technology Overview
  • AD RMS in Windows Server 2008 R2 and Windows 7


Module 2: AD RMS Architecture

This module covers the basic architecture and concepts of the Microsoft Active Directory Rights Management Services product. Most of the concepts that are introduced in this module will be covered in more detail in other modules later in the course.

  • AD RMS Components Overview
  • AD RMS Bootstrapping Process
  • AD RMS Publishing and Licensing Process
  • AD RMS Service Connection Point (SCP)
  • AD RMS Topology
  • AD RMS Components Details


Module 3: AD RMS Installation and Provisioning

In this module, the student will learn about network infrastructure, hardware, and software requirements for installing AD RMS. The student will learn the procedure for deploying AD RMS servers, as well as the permissions required for the accounts that are used in the deployment and management of AD RMS.

  • AD RMS Requirements
  • AD RMS Prerequisites
  • Installing and Provisioning AD RMS
  • AD RMS Server Installation Best Practices
  • Migrating RMS to AD RMS


Module 4: Information Rights Management on Desktop Applications

This module begins by describing the AD RMS client software, its requirements, and how to deploy it. Next, the module identifies the Information Rights Management (IRM) components on client machines and the bootstrapping process the AD RMS client performs for each user. The module then discusses how IRM is provided in Microsoft Office products, the XPS format, Window Mobile 6.0, and read-only access in Windows Internet Explorer. The module ends with a discussion of how registry keys interact with AD RMS.

  • Operating System Versions and AD RMS Clients
  • Microsoft Office IRM
  • Windows Mobile 6.0 IRM
  • RM Add-on for Internet Explorer and Rights-Managed HTML (RMH)
  • Office Viewers and AD RMS
  • IRM Client Registry Settings


Module 5: Rights Policy Templates

This module provides an introduction to rights policy templates and the concepts related to protecting and consuming content that is protected by templates. These templates are used to standardize security policies and protect information according to the latest policy.

  • Introduction to Rights Policy Templates
  • Creating Rights Policy Templates
  • Protecting Content Using Templates
  • Consuming Content Protected by Templates
  • Managing Rights Policy Templates
  • Template Distribution Strategy


Module 6: Information Rights Management on Server Applications

In this module, students will see how AD RMS integrates with server-side applications, which use AD RMS to automatically protect and license content. This module covers the following server products:

  • Microsoft Office SharePoint Server (MOSS) 2007
  • Microsoft Exchange Server 2010
  • AD RMS Bulk Protection Tool + FCI
  • Microsoft Office SharePoint Server 2007 IRM
  • Email Protection in Exchange Server
  • New AD RMS Features in Exchange Server 2010


Module 7: Administering AD RMS

This module introduces some of the elements of the AD RMS Management Console. It discusses exclusion policies that can be defined by an administrator, provides an overview of revocation, and discusses the Super Users group and how it can be used to recover content. The module also introduces the new AD RMS reporting capabilities.

  • The AD RMS Administration Console
  • New AD RMS Administration Roles
  • Rights Account Certificate Policies
  • Exclusion Policies
  • Revocation
  • The Super Users Group


Module 8: Managing Trust

This module discusses the trust architecture in AD RMS, the types of trusts that are available, and how trusted user domains operate.

  • Introduction to Trust Policies
  • Trusted User Domains
  • Trusted Publishing Domains
  • AD RMS and Active Directory Federation Services
  • Windows Live ID Trust
  • Trust Scenarios
  • General Infrastructure Requirements and Product Capabilities


Module 9: Extranet Considerations

This module discusses the extranet and how you can use it with AD RMS to provide access to protected content. The module provides reasons for establishing extranet access to AD RMS, and offers examples and scenarios. The module also discusses the use of a firewall, like Microsoft Internet Security and Acceleration Server (ISA Server), to address security with AD RMS.

  • Extranet Access to AD RMS
  • Extranet Access to AD RMS Pipelines
  • Extranet Client Considerations
  • AD RMS and Firewall Options
  • Extranet Scenarios


Module 10: Deploying and Maintaining AD RMS Infrastructure

This module covers some of the key concepts to deploy and maintain the AD RMS service. Keep in mind that after key documents are protected, AD RMS becomes a very critical service in the organization.

  • AD RMS General Performance Guidelines
  • Adding a Server to a Cluster
  • Managing Clusters
  • AD RMS Disaster Recovery


Module 11: Troubleshooting AD RMS

This module focuses on common issues in AD RMS and the tools available to help troubleshoot them. We examine in detail each of the common AD RMS support issues and the steps you can take to troubleshoot them. At the end of the module, we provide a list of additional resources for troubleshooting issues in AD RMS.

  • Troubleshooting Core Infrastructure
  • Troubleshooting Product Installation
  • Troubleshooting Product Usage
  • Diagnostic Tools
  • Additional Tools


היקף הקורס הינו 32 שעות אקדמאיות