After quite a long while I’m finally focusing a bit more on blogging on some of the cool technologies I get to play with as part of my job.  Ok…well, maybe it’s not technically part of my job but I find it fun to do this anyway. 

Before I get into the details of AD RMS and setting it up I wanted to note that I scored an HP DL380 from a friend for under $300! It’s got 2 x 3.06GHz Intel Xeon CPUs, it had 2GB of RAM (which I recently upgraded to 12GB), and it’s got 6 x 36GB 10,000 RPM UltraSCSI III drives with a RAID controller. I’ve set up as my VM server (although I unfortunately could not load Server 2008 with Hyper-V on it since that requires a 64-bit system with a CPU that either had Intel-VT or AMD-V virtualization technologies) and I’m slowly building out my VM lab. Now if I could just find some inexpensive 72GB drives for it to replace the 36GB ones I’d be a happy man. But enough of that digression.

I set up AD RMS according to the Step-by-Step guide on TechNet as well as following any pointer from Tony Trivisan’s blog on MSDN.

I set up my Virtual Machine environment as follows:

Machine Function Platform
CPANDL-DC Domain Controller Windows Server 2008
ADRMS-SRV RMS Server Windows Server 2008
ADRMS-DB RMS Database Server Windows Server 2003 R2 running SQL Server 2005
ADRMS-CLNT Client System Windows Vista Business SP1 with Office Professional 2007
ADRMS-CLNT2 Client System Windows Vista Business SP1 with Office Professional Plus2007

This is slightly different than the Step-by-Step guide on TechNet. The reason is because when I first installed the client and put Office Professional 2007 on it I discovered that I could not create restricted documents. It turns out that Office Professional 2007 cannot create restricted documents but it can consume restricted documents. In order to actually create RMS controlled documents you need either Office Professional Plus 2007, Office Enterprise 2007, or Office Ultimate 2007. It’s a little detail that Microsoft does not convey very well. Nevertheless once done I was able to create a simple test document, apply restrictions to it, and then open it up as a separate user. All in all a very useful test.

One thing that I would point out — I used a self-signed certificate for the RMS licensing server in order to enable communications using SSL. You will get prompted to accept the certificate every time you open the document if you don’t put the certificate into the Trusted store on the machine. I’ll explain how to do that in the next post.