AD RMS in Domain, Workgroup Setup
Hi, I have a customer who has multiple offices. The main office is having a domain / active directory setup. Here, RMS is working fine. But there are other offices, where PCs are laptops are in a workgroup setup, not joined to the domain server. Over here,
it is not working fine. The network does not have an ISA server (extranet settings configuration is presented somewhere, but is not really working either).
How do I get RMS to function in such a scenario?
How will users get authenticated when the domain server is also not in their network?Karthick
December 8th, 2011 9:00am
How do I get RMS to function in such a scenario?
How will users get authenticated when the domain server is also not in their network?
Karthick
http://technet.microsoft.com/en-us/library/dd772753(WS.10).aspx
They could authenticate through vpn. Through ADFS port 443 (https).
The following are some of the key features of ADFS in Windows Server 2003 R2:
Federation and Web SSO
When an organization uses the Active Directory™ directory service, it currently experiences the benefit of SSO functionality through Windows-integrated authentication within the organization's security or enterprise boundaries. ADFS extends this functionality
to Internet-facing applications, which enables customers, partners, and suppliers to have a similar, streamlined, Web SSO user experience when they access the organization’s Web-based applications. Furthermore, federation servers can be deployed in multiple
organizations to facilitate business-to-business (B2B) federated transactions between partner organizations. For more information about ADFS federation, see
Federation scenarios.
Web Services (WS)-* interoperability
ADFS provides a federated identity management solution that interoperates with other security products that support the WS-* Web Services Architecture. ADFS does this by employing the federation specification of WS-*, called WS-Federation. The WS-Federation
specification makes it possible for environments that do not use the Windows identity model to federate with Windows environments. For more information about WS-* specifications, see
ADFS resources.
Extensible architecture
ADFS provides an extensible architecture that supports the Security Assertion Markup Language (SAML) token type and Kerberos authentication (in the Federated Web SSO with Forest Trust scenario). ADFS can also perform claim mapping, for example, modifying claims
using custom business logic as a variable in an access request. Organizations can use this extensibility to modify ADFS to coexist with their current security infrastructure and business policies. For more information about modifying claims, see
Claim mapping.
Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
December 8th, 2011 10:35am
Hello,
For AD RMS questions, ask them here: http://social.technet.microsoft.com/Forums/en-US/rms/threads
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft Student
Partner 2010 / 2011
Microsoft Certified
Professional
Microsoft Certified
Systems Administrator: Security
Microsoft Certified
Systems Engineer: Security
Microsoft Certified
Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows 7, Configuring
Microsoft
Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
Microsoft Certified
IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer
December 9th, 2011 2:52pm
Hello,
For AD RMS questions, ask them here: http://social.technet.microsoft.com/Forums/en-US/rms/threads
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft Student
Partner 2010 / 2011
Microsoft Certified
Professional
Microsoft Certified
Systems Administrator: Security
Microsoft Certified
Systems Engineer: Security
Microsoft Certified
Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows 7, Configuring
Microsoft
Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
Microsoft Certified
IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer
Free Windows Admin Tool Kit Click here and download it now
December 9th, 2011 10:48pm
Thanks for your response Marius. However, my customer is not in any VPN setup. They access the SharePoint Server hosted in the main office, just through a Public IP address. I have assigned a Public IP address for the RMS server also, actually, but not sure
where this should be configured.
Karthick
December 10th, 2011 12:00am
It is configured corectly that way, don't worry. Below you will find link regarding how to configure the AD RMS Client:
http://technet.microsoft.com/en-us/library/cc732878(WS.10).aspx
Also how to configure the AD RMS server:
http://technet.microsoft.com/en-us/library/cc732878(WS.10).aspx
Also some usefull vids about AD RMS Configuration 15 min in total:
http://www.youtube.com/watch?v=wO_6gH0Qxgk
http://www.youtube.com/watch?v=a3Zpg6_51vc
Hope it helps.
MCTS - Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
December 10th, 2011 2:48am
It is configured corectly that way, don't worry. Below you will find link regarding how to configure the AD RMS Client:
http://technet.microsoft.com/en-us/library/cc732878(WS.10).aspx
Also how to configure the AD RMS server:
http://technet.microsoft.com/en-us/library/cc732878(WS.10).aspx
Also some usefull vids about AD RMS Configuration 15 min in total:
http://www.youtube.com/watch?v=wO_6gH0Qxgk
http://www.youtube.com/watch?v=a3Zpg6_51vc
Hope it helps.
MCTS - Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
December 10th, 2011 10:44am