PKI Blog

File Server Resource Manager and AD RMS

Posted by Sarah Duncan on Jun 3, 2013 8:06:31 AM

You may have heard of the ability back in Windows Server 2008 R2 to use the File Classification Infrastructure (FCI) feature (part of the File Services role) together with the AD RMS Bulk Protection Tool (a command-line tool) to automatically apply rights protections to documents stored on a file server based on things such as key words in the files. That was a nice feature, but a little clunky to use with the command-line AD RMS Bulk Protection Tool. The good news is that the AD RMS integration has now been incorporated into the File Server Resource Manager on Windows Server 2012, eliminating the need for the AD RMS Bulk Protection Tool in this context. The AD RMS Bulk Protection Tool can also be used outside of FCI whenever you need to bulk encrypt or decrypt a batch of files.

Read More

Topics: Active Directory Rights Management Services, IT Security, Microsoft Security Partner, Microsoft Active Directory, Data Protection, FCI, RMS, command line tool, AD RMS Bulk Protection Tool, Blog, Active Directory, File Server Resource Manager, AD, AD RMS, File Classification Infrastructure (FCI)

Authorization Error Enabling AD RMS for Exchange

Posted by Sarah Duncan on May 2, 2013 9:06:08 AM

Recently I encountered an odd authorization error while trying to enable Active Directory Rights Management Services (AD RMS) for an on premise Exchange 2010 server and thought the world might benefit from my experience in resolving the issue.

Read More

Topics: Active Directory Rights Management Services, Microsoft Active Directory AD, IT Security, Microsoft Security Partner, Microsoft Active Directory, Microsoft Exchange, Microsoft, Exchange server, Blog, Active Directory, AD RMS, IT management

Shocked by an Android

Posted by Sarah Duncan on May 23, 2012 8:08:50 AM

Stunned is the word for it. There I was getting to know my new Samsung Galaxy Tab 2, a tablet running Android 4.0 (Ice Cream Sandwich). I configured the built-in Exchange ActiveSync client (using certificate-based authentication, but that's a discussion for another day) and was browsing around the interface when I spotted an oddly familiar-looking icon. "Hmmm," I said, "I wonder what that button does."

Read More

Topics: Active Directory Rights Management Services, Microsoft Active Directory AD, Android Ice Cream Sandwich, IT Security, Industry Trends, Microsoft Active Directory, Samsung Galaxy Tab 2, Data Protection, Ice Cream Sandwich, RMS, Rights Management System, Android 4.0, Android, Blog, AD, AD RMS

The Major Challenge in AD RMS Implementations

Posted by Sarah Duncan on Feb 27, 2012 8:00:25 PM

The major challenge in an AD RMS implementation is not getting the infrastructure up and running or getting the client settings, files and application deployed to all users. It's not making RMS available through your firewall or getting it working with your SharePoint server. No, the major challenge is getting your users to actually use RMS to protect e-mail messages and documents. It's very simple for your users to apply RMS protections to an e-mail or document--it's just a couple clicks--but it's hard to train them to remember to take that extra step. Luckily, there are solutions available to help you automate protections, so you're not entirely relying on your users to take that extra step.

Read More

Topics: Active Directory Rights Management Services, IT Security, Microsoft Security Partner, Data Protection, RMS, Rights Management System, Blog, Microsoft SharePoint 2010, Microsoft Exchange 2010, Active Directory, AD, AD RMS

First Look: Microsoft Generic File Protection Explorer

Posted by Sarah Duncan on Feb 14, 2012 4:00:11 AM

One of the things we often run into while working on AD RMS deployments is customers who want to protect documents in formats other than those that are natively supported by AD RMS--Outlook, Word, Excel, PowerPoint, InfoPath and XPS Viewer. Common asks include PDFs, graphics such as JPEGs, and Visio documents. There are third party solutions that can integrate with AD RMS to provide protections on additional document formats, but they represent additional expense and effort. For a customer with just a few other files that need protecting, bringing in a third party solution may not be worth it. Enter Microsoft's Generic File Protection Explorer.

Read More

Topics: Rights Management Services, Active Directory Rights Management Services, IT Security, Microsoft Security Partner, Industry Trends, Microsoft Generic File Protection Explorer, Data Protection, Blog, Active Directory, AD RMS

Best Practices for Preparing your Infrastructure for Office365

Posted by CSS Technical Team on Jan 12, 2012 4:24:00 AM

Office365 is a cloud based solution that provides hosted email, collaboration, and IM solution, enabling organizations to quickly implement these capabilities without needing to implement large, in-house infrastructures to support the products. However, as organizations look to move to cloud based solutions, and Office365 in particular, due diligence and planning should be given to preparing the internal security infrastructure, and the user experience aspect. There are 3 steps that you can start tackling to prepare for your deployment (we assume, of course, that the Office365 service itself is secured).

Read More

Topics: Active Directory Rights Management Services, IT Security, Microsoft Security Partner, Desktop Security, Office365, Microsoft Active Directory, DirSync Tool, Microsoft AD, ADRMS, Blog, Microsoft Office365, AD

Configuring a Non-Domain-Joined RMS Client Machine

Posted by Sarah Duncan on Nov 8, 2011 4:08:49 AM

In most corporate environments, when you roll out RMS to the client machines you're talking about domain-joined machines that you are configuring via group policy, SCCM and similar desktop deployment tools. But what if you have a few users who need to have access to RMS-protected content from non-domain-joined clients? What if they need to apply rights-protections to content as well? With your custom templates no less, then what? Under some circumstances, it may be possible to get RMS configured on a non-domain-joined client machine just by asking the user to open a rights-protected document, but whether this will work or not depends on a lot of variables, and it's not a reliable solution. Your best bet is to hand the user an easy-to-run script packaged with your rights policy templates to line all the ducks up in a row automatically.

Read More

Topics: Rights Management Services, Active Directory Rights Management Services, IT Security, Microsoft Security Partner, Microsoft RMS, RMS, Blog, PowerShell script, PowerShell, AD RMS

Posts by Topic

see all

Want to Learn more about CSS?