Registering a Service Connection Point
Updated: October 22, 2009
Applies To: Windows Server 2008 R2, Windows Server 2008 R2 with SP1
The service connection point (SCP) for Active Directory Rights Management Services (AD RMS) identifies the connection URL for the service to the AD RMS-enabled clients in your organization. After you register the SCP in Active Directory Domain Services (AD DS), clients will be able to discover the AD RMS cluster to request use licenses, publishing licenses, or rights account certificates (RACs).
When the AD RMS role is configured on your server, the installation attempts to register the AD RMS SCP, but if it is unable to do so, you can register or change the SCP from the cluster Properties sheet in the Active Directory Rights Management Services console.
If you are registering a service connection point (SCP) from an AD RMS cluster in a child domain, you might receive an error stating that SCP registration failed. In many cases, the registration was successful, but the registration first takes place in the top-level domain and it takes time to replicate to the child domain where the AD RMS cluster checks for the SCP object. As soon as the SCP has been replicated to all global catalog servers in the forest, the message will no longer appear.
Membership in the AD RMS Enterprise Administrators and the Enterprise Admins group in AD DS, or equivalent, is the minimum required to complete this procedure.
To register a service connection point
At the Windows PowerShell command prompt, type:
:\ -Name ScpUrl -Value<SCP_address>
where <drive> is the name of the Windows PowerShell drive, and <SCP_address> is the address of the service connection point being registered.
For example, if you have created a Windows PowerShell drive named Z:, to register the SCP as a secure sockets layer (SSL) URL for a server named rms.contoso.com, type:
Set-ItemProperty -Path Z:\ -Name ScpUrl -Value https://rms.contoso.com:443/_wmcs/certification