?
Solved

can i use active directory rights mangement services outside of the company domain

Posted on 2012-03-30
4
Medium Priority
?
226 Views
Last Modified: 2012-05-18
can i use active directory rights mangement services outside of the company domain on a large scale
if so
how is this achieved
best practice for deploying this
0
Comment
Question by:dougdog
3 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37787297
It can be done,  I won't blow smoke here, something I've never done.  We had RMS at my last job internally but it was a classified network and we didn't extend it

http://technet.microsoft.com/en-us/library/hh311038(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/dd996632(v=ws.10).aspx

You can search around for more info.

It is going to take a lot of research and planning.

Thanks

Mike
0
 

Author Comment

by:dougdog
ID: 37787314
is it more designed for internal use?
0
 
LVL 26

Accepted Solution

by:
MidnightOne earned 2000 total points
ID: 37863896
Short answer: Yes, it can be used for external clients. Yes, it is FAR easier for internal use only.

Longer answer: It requires such an interlocking set of services (SQL, CA infrastructure, OCSP integrated with IIS, client organization CA integration) that it frequently isn't worth the effort.

In addition to mkline71's links, check out the step by step guide to AD RMS as well.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the evolution of technology, we have finally reached a point where it is possible to have home automation features like having your thermostat turn up and door lock itself when you leave, as well as a complete home security system. This is a st…
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question