Step 2: Configuring the AD RMS Licensing-only Cluster

  • Article

Applies To: Windows Server 2008, Windows Server 2008 R2

AD RMS is included with Windows Server 2008 and you install it as a server role by using Server Manager. Both installation and configuration of an AD RMS licensing-only cluster are handled through Server Manager. An AD RMS licensing-only cluster is composed of one or more AD RMS licensing-only servers configured in a load-balancing environment. This step-by-step guide will install and configure a single-server AD RMS licensing-only cluster.

Configure AD RMS as a licensing-only cluster.

To add the AD RMS Server Role

  1. Log on to CPANDL-ADRMSLIC as cpandl\ADRMSADMIN.

  2. Click Start, point to Administrative Tools, and then click Server Manager.

  3. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

  4. In the Roles Summary box, click Add Roles.

  5. Read the Before You Begin page, and then click Next.

  6. On the Select Server Roles page, select the Active Directory Rights Management Services check box.

  7. The Add Roles Wizard appears informing you of the AD RMS dependent role services and features. Make sure that Web Server (IIS), Windows Process Activation Service (WPAS), and Message Queuing are listed, and then click Add Required Role Services. Click Next.

  8. Read the AD RMS introduction page, and then click Next.

  9. On the Select Role Services page, verify that the Active Directory Rights Management Server check box is selected, and then click Next.

  10. Click the Create a new AD RMS cluster option, and then click Next.

  11. Click the Use a different database server option.

  12. Click Select, type CPANDL-LICDB in the Select Computer dialog box, and then click OK.

  13. In Database Instance box, click the arrow, click Default, and then click Validate.

  14. Click Next.

  15. Click Specify, type CPANDL\ADRMSSRVC, type the password for the account, click OK, and then click Next.

  16. Ensure that the Use AD RMS centrally managed key storage option is selected, and then click Next.

  17. Type a strong password in the Password box and in the Confirm password box, and then click Next.

  18. Choose the Web site where AD RMS will be installed, and then click Next. In an installation that uses default settings, the only available Web site should be Default Web Site.

  19. Click the Use an SSL-encrypted connection (https://) option.

  20. In the Fully-Qualified Domain Name box, type cpandl-adrmslic.cpandl.com, and then click Validate. If validation succeeds, the Next button becomes available. Click Next.

  21. Click the Choose an existing certificate for SSL encryption option, click the certificate that has been imported for this AD RMS cluster, and then click Next.

  22. Type a name that will help you identify the AD RMS cluster in the Friendly name box, and then click Next.

  23. Read the Introduction to Web Server (IIS) page, and then click Next.

  24. Keep the Web server default check box selections, and then click Next.

  25. Click Install to provision AD RMS on the computer. It can take up to 60 minutes to complete the installation.

  26. Click Close.

  27. Log off the server, and then log on again as cpandl\ADRMSADMIN to update the security token of the logged-on user account. The user account that is logged on when the AD RMS server role is installed is automatically made a member of the AD RMS Enterprise Administrators local group. A user must be a member of that group to administer AD RMS.

Note

At this point in the guide, you can remove cpandl\ADRMSADMIN from the local Administrators group on CPANDL-LICDB.

After the AD RMS licensing-only cluster is installed and configured, you must direct your AD RMS-enabled clients to use it by configuring a client registry override.

To configure the AD RMS client registry override

  1. Log on to ADRMS-CLNT as Administrator (cpandl\Administrator).

  2. Click Start, in the Start Search box type regedit.exe, and then press ENTER.

  3. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

  4. Navigate to:

    HKEY_LOCAL_MACHINE\Software\Microsoft\MSDRM\ServiceLocation

    If any parts of this path do not exist, you must create them.

  5. Right-click ServiceLocation, point to New, and then click Key.

  6. Type EnterprisePublishing, and then click OK.

  7. Double-click the (Default) registry entry in the EnterprisePublishing key. In the Value data box type https://cpandl-adrmslic.cpandl.com:443/\_wmcs/licensing, and then click OK.