Share via


Upgrading the AD RMS Server Role

Updated: October 22, 2009

Applies To: Windows Server 2008 R2, Windows Server 2008 R2 with SP1

After you upgrade a server that is running Windows Rights Management Services SP2 on Windows Server 2003 or that is running the Active Directory Rights Management Services (AD RMS) server role on Windows Server 2008, you must upgrade the AD RMS server role. You can use Windows PowerShell cmdlets to perform this task. The cmdlets that you use depend on whether the AD RMS cluster that the server belongs to uses a cryptographic service provider (CSP) or the AD RMS configuration database to store the cluster key.

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.

To upgrade the AD RMS server role on a cluster that uses a CSP

  1. At a Windows PowerShell command prompt, type:

    Import-Module ADRMS

    $svcacct = Get-Credential

  2. In the dialog box that appears, type the user name and password of the AD RMS service account.

  3. At the Windows PowerShell command prompt, type:

    Update-ADRMS -ServiceAccount $svcacct

To upgrade the AD RMS server role on a cluster that does not use a CSP

  1. At a Windows PowerShell command prompt, type:

    Import-Module ADRMS

    $svcacct = Get-Credential

  2. In the dialog box that appears, type the user name and password of the AD RMS service account.

  3. At the Windows PowerShell command prompt, type:

    $pword = Read-Host -AsSecureString -Prompt “Password:”

  4. Type the cluster key password, and then press the ENTER key.

  5. At the Windows PowerShell command prompt, type:

    Update-ADRMS -ServiceAccount $svcacct -PrivateKeyPassword $pword

Important

If the Identify Federation Support role service was installed and configured before you performed the upgrade, you must remove and then reinstall Identity Federation Support after running the Update-AD RMS cmdlet. If you do not, federation support will stop functioning. For more information, see Adding or Removing Federated Identity Support.

See Also

Concepts

Using Windows PowerShell to Deploy AD RMS
AD RMS Deployment Cmdlets
Using Windows PowerShell to Administer AD RMS

Other Resources

Pre-installation Information for Active Directory Rights Management Services