Beruflich Dokumente
Kultur Dokumente
Full Control: Gives a user full control over an AD RMS – protected document.
Save: Allows a user to use the Save function with an AD RMS – protected
document.
Export: (Save as). Allows a user to use the Save As function with an AD RMS
– protected document.
Reply All: Used with Exchange Server. Allows the recipient of an AD RMS–
protected message to use the Reply All function to reply to that message.
Extract: Allows the user to copy data from the file. If this right is not granted,
the user cannot copy data from the file.
7 – In the New Host box, enter the following information, and then click Add
Host:
Name: ADRMS
IP address: 172.16.1.200
Orait, we now successfully Add new ADRMS Users & Groups to the AD
and also configure DNS so that New ADRMS resource record created.
Open the Server Manager, click Manage, and then click Add Roles and
Features, in the Add Roles and Features Wizard, click Next 3 times.
13 – In the AD RMS Configuration: SUB_SERVER-01.NewHelpTech.lk box,
click Next.
14 – On the AD RMS Cluster box, click Create a New AD RMS root cluster,
and then click Next.
18 – On the Cluster Key Storage box, click Use AD RMS centrally managed
key storage, and then click Next.
19 – On the Cluster Key Password box, enter the password and then click
Next.
20 – On the Cluster Web Site box, verify that Default Web Site is selected,
and then click Next.
21 – On the Cluster Address box, provide the following information, and then
click Next to proceed :
Port: 80
22 – On the Licensor Certificate box, type NewHelpTech ADRMS, and then
click Next.
23 – On the SCP Registration box, click Register the SCP now, and then click
Next to proceed.
24 – Click Install, and then click Close when installation successful.
25 – Next, open the Internet Information Services (IIS), Manager.
26 – In Internet Information Services (IIS) Manager, expand Sites\Default
Web Site and click_wmcs, then under /_wmcs Home, double-
click Authentication.
27 – Then right-click Anonymous Authentication and click Enable.
28 – In the Connections pane, expand _wmcs and click licensing and
double-click Authentication.
29 – Right-click Anonymous Authentication and click Enable, then close IIS
Manager.
“You must sign out before you can manage AD
RMS”
Next, let’s configure AD RMS super users group for SUB_SERVER-01.
30 – In Server Manager, click Tools and then click Active Directory Rights
Management Services.
31 – In the Active Directory Rights Management Services console,
expand the SUB_SERVER-01node and then click Security Policies.
32 – In the Security Policies area, under Super Users, click Enable Super
User.
33 – In the Super Users box, in the Superuser group text box,
type ADRMS_Superusers@NewHelpTech.lk, and then click OK.
34 – Open the Active Directory Rights Management Services
console, then click Rights Policy Templates node and then in the Actions
pane, click Create Distributed Rights Policy Template.
35 – In the Create Distributed Rights Policy Template Wizard box, on the Add
Template Identification information box, click Add.
36 – On the Add New Template Identification Information box, enter the
following information and then click Add and click Next to proceed.
Name: ReadOnly
37 – On the Add User Rights box, click Add, then on the Add User or Group
page, type executives@NewHelpTech.lk and then click OK to proceed.
38 – When executives@NewHelpTech.lk is selected, under Rights,
click View. Verify that Grant owner (author) full control right with no
expiration is selected, and then click Next.
39 – On the Specify Expiration Policy box, choose the following settings and
then click Next:
11 – Try to open the Test.docx file. Notice the message that displays.
12 – Click View Permission and verify that B user has the view permission.