Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Lockboxes reside on client computers. A lockbox is an integral part of identifying a computer or device that is trusted by RMS. A computer or device receives a lockbox when the RMS client is installed and activated. Each lockbox is built on a hardware identifier, so that the lockbox is both unique and bound to a specific computer. A lockbox contains the private key of the activated computer.

There is no requirement for computers to be members of an Active Directory domain to receive a lockbox or machine certificate.