Managing the Microsoft Federation Gateway Licensing Filter List

Applies To: Windows Server 2008 R2, Windows Server 2008 R2 with SP1

You can control the federated domains that the Active Directory Rights Management Services (AD RMS) cluster will provide licenses to for consuming protected content. You can do this either by specifying the users and domains that can receive licenses, or by specifying the users and domains that will be blocked from receiving licenses.

Membership in the local AD RMS Enterprise Administrators, or equivalent, is the minimum required to complete this procedure.

To allow or block domains for licensing

  1. At the Windows PowerShell command prompt, type:

    Set-ItemProperty -Path <drive>:\TrustPolicy\MicrosoftFederationGateway -Name LicensingDomainFilterList -Value [<user>@]<domain>[,[<user>@]<domain>]...

    where*<drive>* is the name of the Windows PowerShell drive, <user> is the email alias of a user who will be allowed to or blocked from receiving licenses, and <domain> is the name of a domain containing the users who will be allowed to or blocked from receiving licenses. Separate list entries by using a comma (,). If you specify a domain name without a user name, all users in the specified domain will be allowed to or blocked form receiving licenses, depending on which option you specify in the next step. Use an asterisk (*) to specify all users in all domains.

  2. Do one of the following:

    • To specify that the listed users and domains are allowed to receive licenses, at the Windows PowerShell command prompt, type:

      Set-ItemProperty -Path <drive>:\TrustPolicy\MicrosoftFederationGateway -Name LicensingDomainFilteringMode -Value Allow

    • To specify that the listed users and domains are not allowed to receive licenses, at the Windows PowerShell command prompt, type:

      Set-ItemProperty -Path <drive>:\TrustPolicy\MicrosoftFederationGateway -Name LicensingDomainFilteringMode -Value Block

See Also

Concepts

Using Windows PowerShell to Administer AD RMS
Understanding the AD RMS Administration Provider Namespace
Configuring Microsoft Federation Gateway Support

Other Resources

Understanding AD RMS Trust Policies
Understanding the Microsoft Federation Gateway