To Add a Server to a Cluster
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To perform this procedure, you must be logged on locally to the administration Web site with a domain user account that is a member of the Administrators group As a security best practice, consider using Run as to perform this procedure.
On each server, you can provision RMS only on a single Web site. If you want to provision RMS on a Web site other than the default Web site, use Internet Information Services Manager to add the Web site before starting this provisioning process. If the Web site that you want to provision does not appear in the list of Web sites, close the Global Administration page, add the Web site, and then start the provisioning process again.
If you are deploying RMS in an environment where your Active Directory domain functional level is set to Windows 2000 native, RMS may not be able to read the memberOf attribute on Active Directory objects when attempting to expand group membership. To allow RMS to read the memberOf attribute, the RMS service account must use a domain account that is a member of the Pre-Windows 2000-Compatible Access (Builtin) group in your forest.
Adding a Server to a Cluster
To Add a Server to a Cluster
After installing RMS on a server that you want to join to a root or licensing-only cluster, click Start, point to All Programs, point to Windows RMS, and then click Windows RMS Administration to open the Global Administration page.
Next to the Web site on which you want to provision RMS, click Add this server to a cluster. You can select the default Web site or another Web site that you have created in Internet Information Services (IIS) for this purpose.
Running any additional Web sites or services on the same server as RMS is not supported. Doing so could result in multiple applications and services running under the same account as RMS, which could expose the private keys to unwarranted operations.
In the RMS service account area, type the domain account name, in the form domain_name\user_name, and the password of the RMS service account under which RMS will run for most normal operations. All servers in a cluster should run under the same RMS service account.
For security reasons, it is recommended that you create a special domain user account to use as the RMS service account, and that you do not grant it any special permissions. The RMS service account cannot be the same domain account that was used to install RMS with Service Pack 2.
In the Configuration database area, specify the name of the database server and the name of the configuration database for this cluster. The database that you select determines the cluster to which this server is joined.
In the Private key protection area, select the mechanism used by this cluster for protecting the private key. For the default software-based private key protection, provide the private key password that was used to encrypt the private key when the first server in this cluster was provisioned.
If error messages display, do not close the page. Instead, fix the errors, run IISReset from a command prompt to restart IIS, go back to the previous page, re-enter the provisioning information, and then click Submit again. If you receive a "Request timed out" error, close the window, verify that the system meets the minimum hardware requirements, and try provisioning the server again.