Sharepoint considerations when configuring AD rights management cluster

By default AD Rights Management cluster certificate pipeline ACL is configured to allow only local system account. All the web front end servers in your SharePoint farm must be granted read and execute permission. In addition IIS application pool account and Server Farm account also need read and execute permission assigned

Logon to RMS server

Navigate to C:\Inetpub\wwwrot\_wmcs\Certification.

Right-click ServerCertification.asmx, click Properties, and then click the Security tab.

Click Advanced, click Edit, select the Include inheritable permissions from this object’s parent check box, and then click OK twice.


Click Add

Click Object Types, select the Computers check box, and then click OK.

Add the web front end server and assign read/execute and read permissions

Repeat the above steps for all web front ends in your farm, server farm account and application pool account.

From the command prompt run “iisreset /noforce”

You are now ready to integrate MOSS with AD RMS

Technorati Tags: SharePoint,AD RMS,Information Rights Management