Category RMS

Microsoft RMS for individuals!

RMS stands for Rights Management Services.

RMS historically was only available on corporate networks and required the appropriate infrastructure to support it.

Yesterday Microsoft announced free RMS is now available for individuals.  The best part is that it is free.

Now anyone can protects their own files with encryption through RMS.



 How RMS Works

(from this link:

Read More

How to install Active Directory Rights Management Services

One of the best features of Active Directory in Windows server 2008 is a security tool called Active Directory Rights Management Services (AD RMS). AD RMS allows organizations to secure content such as word documents, excel spread sheets, email’s and even can be integrated in SharePoint. A user would need to be authenticated before they could access the data from any of those content sources. I know this topic has been covered before but I wanted to post the steps from my deployment of AD RMS.

A Windows Server 2008 domain is required before you begin.

On the server you will deploy AD RMS on:

  • Open Server manager
  • Expand Roles
  • Right click and select Add New Roles
  • Click Next
  • Select AD Rights management Services and click next


The following roles will need to be added as well.

  • Click Add Required Role Services.


  • Click Next

You can explore more about AD RMS on the next window by clicking any of the links. When done click next.


Here you have an option to add Identify Federation Support. You can add this now if you will use it or come back in and add it later.

  • Click next when ready.


Now create the new AD RMS Cluster. If you already had AD RMS you would be adding to an existing cluster.

  • Click next to continue.


Now you need to select where to store the AD RMS databases. This can be on an internal windows database or a SQL instance. I typically put mine on a SQL instance. This gives me better control over performance and better ability to backup.

NOTE: you have to click Validate before you are able to click next.


Now you need to specify a domain account that will be AD RMS.


I created ...

Read More

How to manually remove AD RMS

There may be a time when an AD RMS install goes bad or you have to remove it for whatever reason. In my case this was deployed by someone else and it needed to be removed because it was not deployed correctly. RMS was not working properly to the point where you could not get into the console.

Because it was not working I could not use the traditional way to de-commission it. I had to force a removal of RMS which should always be a last resort. Here are the steps to do this:

Go and download the AD RMS toolkit from here:

Install the AD RMS toolkit

  • Open an elevated command prompt
  • CD out to %systemdrive%:\Program Files (x86)\RMS SP2 Administration Toolkit\ADScpRegister\
  • ADScpRegister.exe unregisterscp


  • Uninstall the RMS role from the server through the Server Manager.



  • Remove RMS sites from IIS if they are there after you have removed the role. NOTE they are typically removed automatically but I have seen this not happen before.


  • Reboot the server
  • Remove RMS databases that are left over. NOTE you will need to do this manually.


Now RMS should be completely removed from our environment and you can re-deploy if need be.

Other RMS removal links:

How-To: Remove Crashed or Dead AD RMS Nodes from the cluster:

Read More