MOC 50403 - Implementing Active Directory Rights Management Services with Exchange and SharePoint
This four-day Implementing Active Directory Rights Management Services with Exchange and SharePoint training class provides students with the knowledge and skills to deploy Microsoft® Active Directory® Rights Management Services (AD RMS), and to understand the role AD RMS plays in a wider infrastructure and how it interacts with other Microsoft® technologies.
This course is intended for experienced systems administrators who have working experience and background knowledge of Windows Server® 2008, and a basic understanding of Active Directory, IIS, Microsoft® SQL Server®, and Microsoft® Exchange Server technologies. Basic knowledge of DNS, general networking, and PKI principles is also helpful.
- Understand AD RMS architecture, and the role the product plays as part of a wider infrastructure.
- Understand the AD RMS interaction model with other Microsoft technologies.
- Install and provision AD RMS and understand installation pre requisites and best practices.
- Understand how several other Microsoft technologies use AD RMS to protect documents and email messages.
- Understand how to use AD RMS on server applications such as Microsoft® Office SharePoint® Server and Microsoft Exchange Server.
- Create, manage, and distribute rights policy templates as AD RMS administrators.
- Understand the different trust relationships that can extend AD RMS protection beyond your infrastructure.
- Troubleshoot common issues in the core infrastructure, product installation, and product usage.
Webucator is a Microsoft Certified Partner for Learning Solutions (CPLS). This class uses official Microsoft courseware and will be delivered by a Microsoft Certified Trainer (MCT).
- Why Rights Management?
- A Bit of History
- Business Reasons for AD RMS
- What AD RMS Does
- AD RMS Usage Scenarios
- AD RMS Technology Overview
- AD RMS in Windows Server 2008 R2 and Windows 7
- Lab: AD RMS Demonstration
- User experience protecting Microsoft Office–based documents.
- AD RMS Architecture
- AD RMS Components Overview
- AD RMS Bootstrapping Process
- AD RMS Publishing and Licensing Process
- AD RMS Service Connection Point (SCP)
- AD RMS Topology
- AD RMS Components Details
- AD RMS Installation and Provisioning
- AD RMS Requirements
- AD RMS Prerequisites
- Installing and Provisioning AD RMS
- AD RMS Server Installation Best Practices
- Migrating RMS to AD RMS
- Lab: Creating the AD RMS Service Account
- Create an AD RMS Service Account
- Lab: Installing and Provisioning AD RMS
- Install and provision AD RMS
- Information Rights Management on Desktop Applications
- Operating System Versions and AD RMS Clients
- Microsoft Office IRM
- XPS IRM
- Windows Mobile 6.0 IRM
- RM Add-on for Internet Explorer and Rights-Managed HTML (RMH)
- Office Viewers and AD RMS
- IRM Client Registry Settings
- Lab: Protecting and Consuming AD RMS Protected Documents
- Protect and Consume AD RMS Protected Documents
- Lab: Creating and Consuming AD RMS Content Using Microsoft Outlook 2007
- Create and Consume AD RMS Content Using Microsoft Outlook 2007
- Lab: Protecting and Consuming Content Using XPS
- Protect and Consume Content Using XPS
- Lab: Consuming Content Using the Rights Management Add-on for Internet Explorer
- Consume Content Using the Rights Management Add-on for Internet Explorer
- Lab: Using Active Directory Security Groups
- Using Active Directory Security Groups
- Rights Policy Templates
- Introduction to Rights Policy Templates
- Creating Rights Policy Templates
- Protecting Content Using Templates
- Consuming Content Protected by Templates
- Managing Rights Policy Templates
- Template Distribution Strategy
- Lab: Creating and Using a Rights Policy Template
- Create and Use a Rights Policy Template
- Lab: Modifying Existing Templates
- Modify Existing Templates
- Lab: Distribute a Rights Policy Template
- Distribute a Rights Policy Template
- Information Rights Management on Server Applications
- Enabling MOSS IRM
- Configuring MOSS IRM on Document Libraries
- Consuming Content using MOSS IRM
- Lab: Integrating AD RMS and Exchange Server 2010
- Using OWA without Microsoft Exchange IRM integration
- Configuring Microsoft Exchange Server 2010 and AD RMS integration
- Implementing and validating Microsoft Exchange Server 2010 and AD RMS integration
- Lab: Integrating AD RMS with Bulk Protection Tool
- Use Bulk Protection Tool to decrypt protected content
- Use Bulk Protection Tool to Protect content using AD RMS Templates
- Lab: Protect information Automatically Integrating AD RMS with FCI and Bulk Protection Tool
- Setup environment for FCI and AD RMS bulk protection
- Create classification property and rules for Contoso documents
- Create file management tasks to restrict access to low and high business impact information
- Verify FCI and AD RMS bulk protection functionality
- Administering AD RMS
- The AD RMS Administration Console
- New AD RMS Administration Roles
- Rights Account Certificate Policies
- Exclusion Policies
- Revocation
- The Super Users Group
- Lab: AD RMS Role Separation
- Review the AD RMS Role Separation Security Options
- Lab: Configuring Exclusion Policies
- Excluding Internal User Accounts
- Lab: Configuring the Super Users Group
- Create AD RMS-protected content by using Microsoft Office Excel 2007
- Enabling and Testing the Super Users Group
- Lab: AD RMS Reports
- Review the AD RMS Reports options
- Lab: GPO/Registry Override Settings
- Configure GPO and Registry Override Settings
- Managing Trust
- Introduction to Trust Policies
- Trusted User Domains
- Trusted Publishing Domains
- AD RMS and Active Directory Federation Services
- Windows Live ID Trust
- Trust Scenarios
- General Infrastructure Requirements and Product Capabilities
- Lab: Configuring Trusted User Domains
- Export and import the TUD certificate
- Verifying AD RMS Functionality
- Lab: Configuring a Trusted Publishing Domain
- Remove the TUD Trust Relationship with Adatum
- Bootstrap and Protecting Information Before the Merge
- Exporting and Importing the Private Key from the Trusted Publishing Domain
- Verifying the Functionality of a Trusted Publishing Domain
- Lab: Configuring AD FS Trust and user experience
- Reset Existing AD RMS Trust
- Configure AD RMS Support for AD FS
- Adding SPN entries
- Configure AD RMS Applications for Federation
- Configure the AD FS Client
- Verify AD RMS and Federation Functionality
- Extranet Considerations
- Extranet Access to AD RMS
- Extranet Access to AD RMS Pipelines
- Extranet Client Considerations
- AD RMS and Firewall Options
- Extranet Scenarios
- Lab: Configure AD RMS Pipelines
- Configure AD RMS Pipelines
- Lab: Configure Forefront TMG to Publish AD RMS
- Configure Forefront TMG to Publish AD RMS
- Lab: Verify the AD RMS functionality from an Internet Client
- Verify the AD RMS Functionality from an Internet Client
- Lab: OWA Consumption
- OWA Consumption
- Deploying and Maintaining AD RMS Infrastructure
- AD RMS General Performance Guidelines
- Adding a Server to a Cluster
- Managing Clusters
- AD RMS Disaster Recovery
- Lab: Installing AD RMS Root Certification cluster additional nodes
- Installing Network Load Balancing
- Configuring the AD RMS cluster for High Availability
- Checking the service functionality – tasks
- Decommissioning an AD RMS infrastructure
- Troubleshooting AD RMS
- Troubleshooting Core Infrastructure
- Troubleshooting Product Installation
- Troubleshooting Product Usage
- Diagnostic Tools
- Additional Tools
Each student will receive a comprehensive set of materials, including course notes and all the class examples.
Experience in the following is required for this Windows Server class:
- Working experience and background knowledge of Windows Server® 2008.
- Basic understanding of Active Directory, IIS, Microsoft® SQL Server®, and Microsoft® Exchange Server technologies.
- Basic knowledge of DNS, general networking, and PKI principles is also suggested.