Adding Servers to Support Certification and Licensing

Updated: June 1, 2008

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

After you install and provision the first server to establish the root cluster for RMS, you can set up additional servers to provide extended support for certification and licensing services, such as:

  • You can add a server to the root cluster to provide additional certification and licensing support. All servers added to this cluster share the same configuration and databases.

  • You can set up a separate licensing-only cluster. This cluster can contain one or more servers. It is subenrolled in the root cluster and receives its server licensor certificate (SLC) through the certification services of the root cluster. Any client requests for certification services made to the licensing-only cluster are forwarded to the root cluster. The licensing-only cluster can issue use licenses and publishing licenses without submitting the request to the root cluster.

The option that you decide to deploy depends on the size of your organization and how you want to implement redundancy, scaling, load-balancing support, and security. If you are deploying additional RMS servers to meet increasing certification, licensing, and publishing demands, you should deploy RMS servers as part of the root cluster so that you can set up redundancy and load balancing across all servers. You can load balance the servers in the root cluster, and offload processing for licensing and publishing services by subenrolling a licensing-only cluster with multiple load balanced servers, but you cannot load balance a licensing-only cluster with a root cluster.

The following subjects provide guidance about this task:

Roles, Permissions, and Rights Required for Installation and Provisioning

To install and provision additional servers, you need the same roles, permissions, and rights as those that are required for setting up the initial server. In addition, you must also have permission from the root cluster to set up a separate licensing-only cluster, which is known as subenrollment. The root cluster is controlled through the DACL of the SubEnrollService.asmx file. Members of the RMS Service Group, including the RMS service account that you specify during provisioning of the first server in the root cluster, have permission to perform subenrollment. For more information, see “Setting Up Certification and Licensing Services on the First Server” earlier in this subject.

The Provisioning Processes for Additional Certification and Licensing Servers

Adding servers to the root and licensing-only clusters require that the server complete the provisioning process. The provisioning process varies, based on the type of server that you are provisioning.

  • If you are provisioning the first server in a licensing-only cluster, specify a configuration database, an RMS service account, a cluster URL, and the private key protection information in the same manner that you specified this information for the first server in the root cluster. However, you do not specify a server licensor certificate revocation policy, that policy is controlled by the root cluster.

  • If you are provisioning a server as a cluster member, the only information that you need to specify during provisioning is the RMS service account, the configuration database, and the password for private key protection (or use the same CSP and private key as the existing cluster). All servers in a cluster share the same server licensor certificate and server key pair.

Do not install RMS on any other servers until you have completed RMS setup on the first server in the root cluster, including both installing and provisioning that server.

After you have installed and provisioned an additional server, it is automatically configured as a cluster member. However, if you have implemented load balancing, you need to configure the load-balancing software to work with the new server.

Setting Up Clusters and Load Balancing

RMS is designed to support multiple RMS servers in a root or licensing-only cluster. Adding additional RMS servers to the root and licensing-only clusters provides greater scalability, reliability, and load balancing of your RMS deployment.

Adding Servers to the Clusters

To add a server to a cluster, provision the first server in the root cluster or a licensing-only cluster. For the second and subsequent servers that are in each cluster, install RMS on the new server, go to the Global Administration page, and then click Add this server to a cluster to provision the necessary resources and join the server to the root cluster or licensing-only cluster.

Specify the database name for the cluster that you want to join.

Load Balancing Clusters

RMS does not automatically implement load balancing. You can use hardware or software load balancing, including Network Load Balancing, to balance the load across all RMS servers.

The following topics provide additional details about this subject:

  • For more information about the differences between certification and licensing services, see “RMS System Overview” in “RMS: Technical Reference” in this documentation collection.

  • For more information about how to map server deployments to your organization’s availability and performance requirements, see “Providing Redundancy and Load Balancing” in “RMS: Planning” in this documentation collection.

  • For more information about how to determine the number of servers required to support deployment of RMS in your organization, see “Evaluating Scaling Requirements” in “RMS: Planning” in this documentation collection.

  • For more information about how to implement IT security with your RMS deployment, see “Securing the RMS Deployment” later in this subject.

  • For information about how to install RMS, see “To Install RMS with Service Pack 2” in “RMS: Operations” in this documentation collection.

    You can also install RMS from a command prompt. For more information, see “Command Prompt RMS Installation” in “RMS: Operations” in this documentation collection.

  • For information about how to provision a licensing-only cluster, see “To Provision a Licensing-only Cluster” in “RMS: Operations” in this documentation collection.

  • For information about how to provision additional servers in a cluster, see “To Add a Server to a Cluster” in “RMS: Operations” in this documentation collection.

Community Additions