This two-day instructor-led course provides students with the knowledge to understand the role that Microsoft Active Directory Rights Management Services (AD RMS) plays in a wider infrastructure, and how it interacts with other Microsoft technologies.

This course is intended for experienced systems administrators who have working experience and background knowledge of Windows Server 2008, and basic understanding of Active Directory, IIS, Microsoft SQL Server, and Microsoft Exchange Server technologies. Basic knowledge of DNS, general networking, and PKI principles is also helpful.



Objectivos

_ Understand AD RMS architecture, and the role the product plays as part of a wider infrastructure.
_ Understand the AD RMS interaction model with other Microsoft technologies.
_ Understand how several other Microsoft technologies use AD RMS to protect documents and email messages.
_ Understand how to use AD RMS on server applications such as Microsoft Office SharePoint Server and Microsoft Exchange Server.
_ Create, manage, and distribute rights policy templates as an AD RMS administrator.
_ Understand the different trust relationships that can extend AD RMS protection beyond your infrastructure.


Duração: 12 horas


Conteúdo Programático

Module 1: Why Rights Management
This module provides an overview of Microsoft Active Directory Rights Management Services (AD RMS). The overview describes how the product works, the business reasons for using AD RMS, and the technology that you use to deploy an AD RMS environment.
Lessons
_ A Bit of History
_ Business Reasons for AD RMS
_ What AD RMS Does
_ AD RMS Usage Scenarios
_ AD RMS Technology Overview
Lab : AD RMS Demonstration
_ User experience protecting Microsoft Office system documents.

Module 2: AD RMS Architecture, Installation, and Provisioning
This module covers the basic architecture and concepts of AD RMS. Most of the concepts introduced in this module will be covered in more detail in other modules later in the course. The student will also learn the procedure for deploying AD RMS servers, as well as the permissions required for the accounts that are used in the deployment and management of AD RMS.

Lessons
_ AD RMS Components Overview
_ AD RMS Bootstrapping Process
_ AD RMS Publishing and Licensing Process
_ AD RMS Service Connection Point (SCP)
_ AD RMS Topology
_ AD RMS Prerequisites
_ Installing and Provisioning AD RMS
Lab : Creating the AD RMS Service Account
_ Creating an AD RMS Service Account
Lab : Installing and Provisioning AD RMS
_ Installing and provisioning AD RMS

Module 3: Active Directory Rights Management Clients and Information Rights Management on Desktop Applications
This module begins by describing the AD RMS client software, its requirements, and how to deploy it. Next, the module identifies the rights management components on client machines and the bootstrapping process the AD RMS client performs for each user. The module then discusses how Information Rights Management (IRM) is provided in the Microsoft Office system, the XPS format, Window Mobile 6.0, and read-only access in Windows Internet Explorer. The module ends with a discussion of registry keys in AD RMS.
Lessons
_ OS Versions and AD RMS Clients
_ Microsoft Office IRM
_ XPS IRM
_ Rights Management Add-on for Internet Explorer and Rights-managed HTML
_ Office Viewers and AD RMS
Lab : Protecting and Consuming AD RMS Protected Documents
_ Protecting and Consuming AD RMS Protected Documents
Lab : Creating and Consuming AD RMS Content Using Microsoft Office Outlook 2007
_ Creating and Consuming AD RMS Content Using Microsoft Office Outlook 2007
Lab : Protecting and Consuming Content Using XPS
_ Protecting and Consuming Content Using XPS

Module 4: Rights Policy Templates and the Super Users Group
This module provides an introduction to rights policy templates and the concepts regarding protecting and consuming content that is protected by templates. These templates are used to standardize security policies and protect information according to the latest policy.
Lessons
_ Introduction to Rights Policy Templates
_ Creating Rights Policy Templates
_ Protecting Content Using Templates
_ Consuming Content Protected by Templates
_ The Super Users Group
Lab : Creating and Using a Rights Policy Template
_ Creating and Using a Rights Policy Template
Lab : Modifying Existing Templates
_ Modifying Existing Templates
Lab : Distribute a Rights Policy Template
_ Distribute a Rights Policy Template
Lab : Configuring the Super Users Group
_ Create AD RMS-protected content using Excel 2007
_ Enabling and Testing the Super Users Group

Module 5: Information Rights Management on Server Applications
This module shows how AD RMS integrates with server-side applications, that use AD RMS to automatically protect and license content. This module covers the following server products:
- Microsoft Office SharePoint Server (MOSS) 2007
- Microsoft Exchange Server 2010
- AD RMS Bulk Protection Tool + FCI
Lessons
_ Microsoft Office SharePoint Server 2007 IRM
_ Email Protection in Exchange Server 2007
_ New AD RMS Features in Exchange Server 2010
_ AD RMS Bulk Protection Tool and File Classification Infrastructure
Lab : Integrating AD RMS and Microsoft SharePoint Server 2007
_ Enabling MOSS IRM
_ Configuring MOSS IRM on Document Libraries
_ Consuming Content using MOSS IRM
Lab : Integrating AD RMS and Microsoft Exchange Server 2010
_ Using OWA without Microsoft Exchange IRM integration
_ Configuring Exchange Server 2010 and AD RMS integration
_ Implementing and validating Microsoft Exchange Server 2010 and AD RMS integration
Lab : Integrating AD RMS with Bulk Protection Tool
_ Use Bulk Protection Tool to decrypt protected content
_ Use Bulk Protection Tool to Protect content using AD RMS Templates
Lab : Protect Information Automatically Integrating AD RMS with FCI and Bulk Protection Tool
_ Set up environment for FCI and AD RMS bulk protection
_ Create classification property and rules
_ Create file management task to restrict access to low and high business impact information
_ Verifying FCI and AD RMS bulk protection functionality

Module 6: Managing Trust
This module discusses the trust architecture in AD RMS, how trusted user domains operate, and the types of trusts that are available—including Active Directory Federation Services (FS).
Lessons
_ Introduction to AD RMS Trust Policies
_ Trusted User Domains
_ Trusted Publishing Domains
_ AD RMS and Active Directory Federation Services
_ Windows Live ID Trust
Lab : Configuring Trusted User Domains
_ Export and import the TUD certificate
_ Verifying AD RMS Functionality
_ Reset Existing AD RMS Trust
Lab : Configuring AD FS Trust and User Experience
_ Configure AD RMS Support for AD FS
_ Adding SPN Entries
_ Configure AD RMS Applications for Federation
_ Configure the AD FS Client
_ Verify AD RMS and AD FS Functionality


Requisitos

_ Working experience and background knowledge of Windows Server 2008.
_ Basic understanding of Active Directory, IIS, Microsoft SQL Server, and Microsoft Exchange Server technologies.
_ Basic knowledge of DNS, general networking, and PKI principles is also suggested.

Solicite mais informação

Inscreva-se neste curso