RMS Administration Best Practices
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Consider the following best practices for administering RMS.
Minimize the number of services on all RMS servers.
As with any defense-in-depth strategy for securing servers, all unnecessary services should be disabled on all of the individual RMS servers in each RMS cluster. In an RMS environment, RMS and required components should be the only services running on the RMS cluster servers.
Perform Frequent Backups of the Configuration Databases
The configuration databases store information that is vital to the functioning of RMS. In addition, the root cluster configuration database stores the key pairs for the entire installation. If you perform regular backups, you can quickly get RMS functioning again if a database server fails. In addition to making regular backups, you should also regularly test the validity of these backups by performing dry run restores (in a separate test environment). For more information, see “Backing Up and Restoring the RMS System” in the "Planning: RMS " section of this documentation collection.
Regularly Trim the Logging Database
Depending on the degree of logging that is enabled in RMS, the logging database can grow over time. It is recommended to run SQL Server scripts to archive selected information from the logging database into a secondary database once the log entries reach a certain age. For more information, see “Maintaining the Logging Database” in the "Planning: RMS" section of this documentation collection.
Use Microsoft Operations Manager (MOM) to Monitor RMS Server
Use MOM and RMS MOM Pack to trap critical events or detect performance degradation and send notifications of said events.