Securing the Configuration Database

Updated: June 1, 2008

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

The configuration database stores the public and private keys that control access to all content licensed by RMS, so it is vital to employ good security practices to make sure that the database is secure. To ensure that the database is secure, you should restrict physical access to the servers where the configuration database resides, as well as ensure that all software components are configured to restrict access to only authorized personnel. By default, RMS configures the configuration database permissions in a secure manner. For more information about additional steps to take to secure the configuration database, see “Securing the Databases used by RMS” earlier in this subject.