Monday, June 2, 2014

AD Rights Management in Server 2008.

* What is Rights Management?
* Some Additional Notes about RMS

What happens with AD RMS?
1) User1 receives a "client licensor certificate" the first time he rights-protects a Word 2007 file he has created.
2) User1 then defines a set of usage rights and rules for his file. Word 2007 creates a "publishing license" and encrypts the file.
3) User1 emails the file or puts it on a share drive.
4) User2 clicks the file to open it. Word 2007 calls the RMS server, which validates the user and issues a "use license."
5) Word 2007 opens the file and enforces whatever rights User1 put on it.
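As an added illustration (constructed for this post, not Microsoft's code or the real RMS protocol), a toy Python model of the five steps above: the rights travel inside the file as a publishing license, and the server hands the content key only to a user named in that license. The keyed-hash XOR "cipher" and the dict-shaped licenses are stand-ins for the real formats.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the RMS server's private key; in AD RMS the
# server licensor certificate's key plays this role.
SERVER_KEY = secrets.token_bytes(32)


def _xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with an HMAC-SHA256 keystream. Illustration
    only; it is NOT the AES-based protection real RMS applies."""
    out = bytearray()
    counter = 0
    while len(out) < len(data):
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))


def publish(author: str, content: bytes, rights: dict) -> dict:
    """Steps 1-2: the RMS-aware app encrypts the file under a fresh content
    key, wraps that key so only the RMS server can recover it, and attaches
    the rights as a publishing license that travels with the file."""
    content_key = secrets.token_bytes(32)
    publishing_license = {
        "author": author,
        "rights": {user: set(r) for user, r in rights.items()},
        "wrapped_key": _xor_stream(SERVER_KEY, content_key),
    }
    return {"license": publishing_license, "ciphertext": _xor_stream(content_key, content)}


def issue_use_license(protected: dict, user: str) -> dict:
    """Step 4: the server checks the requesting user against the publishing
    license; anyone not on the list gets nothing, not even the key."""
    rights = protected["license"]["rights"]
    if user not in rights:
        raise PermissionError(f"{user} is not granted any rights on this file")
    content_key = _xor_stream(SERVER_KEY, protected["license"]["wrapped_key"])
    # Real RMS encrypts the use license to the user's own RMS certificate; omitted here.
    return {"user": user, "rights": rights[user], "content_key": content_key}


def open_protected(protected: dict, use_license: dict, action: str) -> bytes:
    """Step 5: the app decrypts and enforces the rights named in the use license."""
    if action not in use_license["rights"]:
        raise PermissionError(f"{use_license['user']} may not {action} this file")
    return _xor_stream(use_license["content_key"], protected["ciphertext"])
```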

Additional Notes about RMS:
* The application that creates the file must be RMS-aware (Office 2007 is a good example).
* The rights assigned to the file travel along with the file.
* If somebody isn't on the list of users who can open a file, they can't get into the file.
* The certificates used in RMS do not depend on AD Certificate Services; they're created and issued by the RMS server, not by a Certificate Authority.
* AD RMS in Server 2008 supports AD Federation Services, and it can be used with SharePoint deployments as well.
* There are fantastic reporting tools built into AD RMS in Server 2008 for auditing who has accessed a document, who failed to access a document, etc.

RMS in a Nutshell:
* Rights Management Service requires an RMS server, a SQL Server, an AD DS domain controller, and an RMS-aware application (Office 2007).
* The author of a document sets up who gets to do what on the document, and they do that from inside the RMS-aware app (like Word 2007 or Excel 2007) based on users and groups from AD.
* You don't need a separate AD Certificate Services system for RMS.
* It works with AD FS and SharePoint.
* There are seriously cool tools to audit who has had access to the protected files.
