Excluding Applications

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

You can specify the version of an RMS-enabled application that all licensing requests are checked against. Application exclusion stamps every use license with a condition that the license can bind only to the rights-protected content for which it is issued, if the application that is requesting the license is not on the excluded list.

This may be useful, for example, when an enterprise deploys a security update for an application. System administrators can use their usual mechanism to cause client computers to install the security update. They can then set application exclusion policies that are defined by the version information of the application that is using the administration Web site. This exclusion policy restricts RMS from issuing licenses to clients that are running previous versions of the software.

RMS-enabled applications are excluded by their file name and version number. You might want to do this to make sure that users install a newer, more secure version of an application when it becomes available. For example, you may have version of an RMS-enabled application that is deployed in your organization. Then the application developer discovers a security problem and issues version that eliminates the problem. In addition to rolling out the new version of the application, you can establish an exclusion policy that prevents users from consuming protected content until they upgrade to the latest version of the RMS-enabled application.

As with other types of exclusion, you must configure application exclusion on each cluster for which you want it to take effect.

When you apply this exclusion policy on your server, clients cannot use the excluded application to request and bind new use licenses to rights-protected content. However, clients can continue to use the excluded application to consume previously licensed files.


RMS requires the application version to be specified in a 4-digit period delimited format (#.#.#.# ). However some applications specify their application version with 2 or 3-digit period delimited numbers. In this case, you should append a .0 as appropriate to make the version number match the format required by RMS.