Solved

can i use active directory rights mangement services outside of the company domain

Posted on 2012-03-30
4
216 Views
Last Modified: 2012-05-18
can i use active directory rights mangement services outside of the company domain on a large scale
if so
how is this achieved
best practice for deploying this
0
Comment
Question by:dougdog
4 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37787297
It can be done,  I won't blow smoke here, something I've never done.  We had RMS at my last job internally but it was a classified network and we didn't extend it

http://technet.microsoft.com/en-us/library/hh311038(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/dd996632(v=ws.10).aspx

You can search around for more info.

It is going to take a lot of research and planning.

Thanks

Mike
0
 

Author Comment

by:dougdog
ID: 37787314
is it more designed for internal use?
0
 
LVL 26

Accepted Solution

by:
MidnightOne earned 500 total points
ID: 37863896
Short answer: Yes, it can be used for external clients. Yes, it is FAR easier for internal use only.

Longer answer: It requires such an interlocking set of services (SQL, CA infrastructure, OCSP integrated with IIS, client organization CA integration) that it frequently isn't worth the effort.

In addition to mkline71's links, check out the step by step guide to AD RMS as well.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now