Tech Net Welcome Windows Server 2008 Active Directory

Tech. Net 網路廣播 Welcome

Windows Server 2008 Active Directory 版權管理服務 蘇建榮 alan_su@uuu. com. tw 恆逸教育訓練中心(精誠資訊)

大綱 AD RMS 功能與運作 建置與管理 AD RMS 與 AD FS 整合 與 Office Share. Point Server 2007 整合

AD RMS 的新功能 Windows Server 2008 內建 使用 ASP. NET 2. 0 安裝時自動選取所需要的元件(如：IIS、WAS、MSMQ、 Windows Internal Database 等) 可整合 AD FS 進行跨企業合作 自行登記-不需連通 Microsoft MMC 中嵌入的管理單元(可遠端管理) Health Report、Troubleshooting Report

AD RMS 環境中所使用的憑證 SLC 伺服器授權人憑證 Server Licensor Certificate SPC RMS 電腦憑證 RAC 權限帳號憑證 Security Processor Certificate Rights management Account Certificate CLC 用戶端授權人憑證 Client Licensor Certificate PL 發行授權 Publishing License UL 使用授權 Use License

大綱 AD RMS 功能與運作 建置與管理 AD RMS 在 Office 2007 使用受保護文件 AD RMS 與 AD FS 整合 與 Office Share. Point Server 2007 整合

環境、伺服器軟體與用戶端需求 Active Directory Windows Server 2008、Win Srv 2003 或 Win 2000 Srv SP 3 (含以上) Database Server SQL Server 2000 SP 4 或 SQL Server 2005 AD RMS 伺服器的需求 Windows Server 2008 (Windows Web Server 2008 除外) 安裝 MSMQ、IIS 7. 0、ASP. NET 2. 0 NTFS 檔案系統(建議) 若無 SQL Server，可使用 Windows Internal Database，但不能使用 MSDE 用戶端 Windows Server 2008 與 Vista 內建 Win 2000 SP 3、Win XP Pro 與 Win 2003 需安裝RMS Client SP 2 Office Professional 2003 或 Office Enterprise 2007 等

AD RMS 帳號 AD RMS Server 安裝及管理帳號 網域的 Domain Users 與 AD RMS Enterprise Administrators 群組成員 AD RMS Server 本機的 Administrators 群組成員 在 SQL Server 為 System Administrators role AD RMS Server 服務帳號 不能與用來安裝 AD RMS 的網域帳號相同 AD RMS Service Group 及 Domain Users 群組成員 需具備登入 AD RMS Server 本機的權限 使用者及群組帳號 必需設定電子郵件屬性

AD RMS 伺服器硬體需求 最低需求 建議配備 Pentium 4 3. 0 GHz 單 CPU Pentium 4 3. 0 GHz 雙 CPU 512 MB 的記憶體 1 GB 的記憶體 40 GB 的可用硬碟空間 80 GB 的可用硬碟空間 AD RMS Cluster Log DB AD RMS 是使用叢集的方式 建構的 RMS Web Services 一部 AD RMS 伺服器 = AD • Certification • Publishing • Licensing RMS 叢集中的單一節點 NLB HSM

Office Enterprise 2007 Office Professional 2003 也支援的產品 Word、Excel、Power Point、Outlook Office Enterprise 2007 新支援的產品 Info. Path Outlook 更清楚得知郵件是否啟用版權管理 將 AD RMS 叢集 URL 加入近端內部網站 若使用 https，請信任根憑證授權單位

大綱 AD RMS 功能與運作 建置與管理 AD RMS 與 AD FS 整合 與 Office Share. Point Server 2007 整合

在 AD RMS 設定 Federation Identity Support 授予 AD RMS 服務帳號具有Generate Security Audits權利 在 AD RMS 設定 Externet URL 在 AD FS 為 AD RMS 建立宣告感知應用程式 • https: //ADFS站台/_wmcs/certificationexternal/ • https: //ADFS站台/_wmcs/licensingexternal/ 修改 web. config 安裝 Identity Federation Support 在 AD RMS 啟用 Federated Identity Support 修改帳戶夥伴用戶端的 registry

大綱 AD RMS 功能與運作 建置與管理 AD RMS 與 AD FS 整合 與 Office Share. Point Server 2007 整合

設定 MOSS 2007 使用版權管理 使用 IE 將 Share. Point Site 加入近端內部網站 在 Share. Point 3. 0 管理中心授予用戶存取 在 AD RMS 授予 MOSS 2007 Computer Account 對 certification pipeline 存取權 在 Share. Point 3. 0 管理中心啟用 MOSS 2007 的資訊 版權管理 在 Share. Point 站台使用 AD RMS 限制權限

設定 MOSS 2007 使用版權管理 使用 IE 將 Share. Point Site 加入近端內部網站 在 Share. Point 3. 0 管理中心授予用戶存取 在 AD RMS 授予 MOSS 2007 Computer Account 對 certification pipeline 存取權 在 Share. Point 3. 0 管理中心啟用 MOSS 2007 的資訊 版權管理 在 Share. Point 站台使用 AD RMS 限制權限

設定 MOSS 2007 使用版權管理 使用 IE 將 Share. Point Site 加入近端內部網站 在 Share. Point 3. 0 管理中心授予用戶存取 在 AD RMS 授予 MOSS 2007 Computer Account 對 certification pipeline 存取權 在 Share. Point 3. 0 管理中心啟用 MOSS 2007 的資訊 版權管理 在 Share. Point 站台使用 AD RMS 限制權限

設定 MOSS 2007 使用版權管理 使用 IE 將 Share. Point Site 加入近端內部網站 在 Share. Point 3. 0 管理中心授予用戶存取 在 AD RMS 授予 MOSS 2007 Computer Account 對 certification pipeline 存取權 在 Share. Point 3. 0 管理中心啟用 MOSS 2007 的資訊 版權管理 在 Share. Point 站台使用 AD RMS 限制權限

相關資源 Microsoft Windows Server 2008 Home http: //www. microsoft. com/windowsserver 2008/ Microsoft Tech. Net http: //www. microsoft. com/taiwan/technet/ Microsoft Forums http: //forums. microsoft. com/

Tech. Net 訂閱者下載 • http: //www. microsoft. com/taiwan/technet

Training Resources Course ID Title 6416 A Updating Your Active Directory Technology Skills to Windows Server 2008(Beta 3) For training information and availability www. microsoft. com/learning

Readiness with Skills Assessment Self-study learning tool free to anyone. Determines skills gaps. Provides learning plans. Post your Score, see how you stack up. Visit www. microsoft. com/assessment

Become a Microsoft Certified Professiona What are MCP certifications? Validation in performing critical IT functions. Why Certify? WW recognition of skills gained via experience. More effective deployments with reduced costs What Certifications are there for IT Pros? MCP, MCSE, MCSA, MCDST, MCDBA. www. microsoft. com/learning/mcp

Heard the News about Tech. Net? Software without time limits! Complimentary technical support. The most current resources on hand www. microsoft. com/technet/subscriptions

Find all these support options at www. microsoft. com/technet/support Microsoft offers a progressive series of support options starting with no-charge online support and developing through subscription, incident, and contract support. 1. No-Charge Online Support 2. Subscription-Based Support 3. Assisted Incident Support 4. Contract-Based Support Knowledge Base Tech. Net Subscription E-mail Support Premier Support Search a vast database of articles to pinpoint the information you need. Subscribe to Tech. Net for a personal library of articles, service packs, how-tos, resource kits, tools, utilities, and more. Your subscription includes monthly updates delivered on CD or DVD, so you always have the latest information, straight from the source. Get online incident help via e-mail from a Microsoft Support Professional. Upgrade to a Tech. Net Plus subscription and add all this: Save with a discounted 5 -Pack Phone Support contract. 1. Full-version evaluation software, including Microsoft Office System and Windows Server System™ products, without time restrictions. Advisory Services Get the flexibility to match support options to your organization and enjoy direct access to Microsoft technical experts at any time, day or night. Premier Support delivers customized options for businesses with complex needs, including dedicated technical professionals to oversee your support, 24 x 7 problem resolution, and training and workshops that keep your IT staff up to date. Newsgroups Access over 20, 000 active newsgroups on scores of topics. Product Support Centers Get answers to frequently asked questions, plus how-to articles and stepby-step instructions organized by product. DLL Help Database Search here to identify the software used to install a specific DLL version. Events and Errors Message Center Resolve event and error messages fast with explanations, recommendations, and links to support and resources. Support Webcasts Tune in to live technical presentations by Microsoft experts and take part in realtime Q&A. Chats Chat online with Microsoft specialists or search the transcript archives. User Group Program Access information and support for IT and other interest-specific user groups. Tech. Net Security Resource Center Get ahead of security risks with resources that keep you current, including security newsletters and the Microsoft notification service. 2. Free support — two complimentary incidents, plus a discount on other support calls. 3. Unlimited, next-business-day access to reliable answers from the IT community and Microsoft Support Professionals through Managed Newsgroups (English only). Phone Support Get incident help over the phone from a Microsoft Support Professional. Phone Support Contract Add remotely delivered consultation options from Microsoft Advisory Services for proactive support that goes far beyond routine product maintenance. Essential Support offers prepackaged options specifically designed to meet the fundamental support requirements of any business, large or small. Includes account management, problem resolution, and information services.

Where Else Can I Get Help? Free chats and webcasts List of newsgroups Microsoft community sites Community events and columns www. microsoft. com/technet/community