Active Directory Rights Management Services
Active Directory Rights Management Services provides a layer of protection for an organizations information allowing email messages, documents, intranet webpages, and more to be protected from unauthorized access.
AD RMS uses a certificate service to issue rights account certificates that identify trusted users, groups, and services.
A licensing service that provides authorized users, groups, and services with access to protected information and a logging service to monitor and maintain the rights management service.
When a trust has been established, users with a rights account certificate can assign rights to the information. The rights control which users can access the information and what they can do with it. Users that have rights account certificates can also access protected content to which they have been granted access. Encryption ensures that access to protected information is controlled.
To secure documents, Microsoft Office 2003 Professional, Microsoft Office 2007 Enterprise, Professional Plus, Ultimate, Microsoft Office 2010 Professional, Professional Plus, or certain versions of Office 2013 is required.
AD RMS Prerequisites
Before installing AD RMS, the following must be fixed:
Create a service account for RMS within AD DS. The account must be different from the account that is used to install RMS.
The AD RMS server must be a domain member within the domain of the user accounts that will use the service.
An AD RMS root cluster for certification and licensing must be created.
A fully qualified domain name resolvable from the locations where RMS files will be consumed needs to be set up.
A server running SQL Server must be available to store the AD RMS databases. It is recommended to use an alternate server than the one where AD RMS is installed. AD RMS requires an AD RMS enabled client. Windows Vista, Windows 7, and Windows 8 include the AD RMS client by default. If you are not using Windows Vista, Windows 7, Windows 8, Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012, you can download the AD RMS client for previous versions from Microsofts Download Center.