Install and configure Active Directory Rights Management Services
Perform the tasks in this section to install and configure AD RMS.
Select Start > Administrative Tools > Server Manager and then Manage. Select [ Add roles and features ]. In the Before you Begin window, select [ Next ].
Choose the installation type: Role-based or Feature-based installation. Select [ Next ].
In the Server Selection window, select the server from the domain (or local machine) on which to install AD RMS. Select [ Next ].
On the Server Roles page, check the box next to Active Directory Rights Management Services. Then, select [ Next ] and [ Add Features ].
In the Features window, select [ Next ].
In the AD RMS page, select [ Next ].
In the Role Services page, make sure to select Active Directory Rights Management Server. If you need Identity Federation Support, select accordingly, and then select [ Next ].
On the Confirmation page, select [ Install ]. Proceed through the final options.
After the installation finishes, select [ Close ].
Perform the following steps to configure the new installation of AD RMS, including the CSP definition and key generation.
Go to Start > Administrative Tools > Server Manager. Select the flag icon to the left of Manage. Select [ Perform Additional Configuration ] under Active Directory Rights Management Services.
In the Active Directory Rights Management Services page, select [ Next ].
Define whether to create a new AD RMS root cluster or to join an existing one. Select [ Next ].
Define the database server. Select [ Next ].
Define the domain user account. Select [ Next ].
Set the Cryptographic Mode to use RSA2048/SHA256 or RSA1024/SHA1. Select [ Next ].
Select [ Use CSP Key Storage ]. Select [ Next ].
Select the Futurex RSA CSP from the CSP drop-down.
The system attempts to connect to the and query its capabilities.
View the logs (the log location is defined in the CSP configuration file) to confirm that the connection was successful and that no errors occurred.
Define whether to create a new key or use an existing key. Select [ Next ].
Select the AD RMS Cluster WebSite. Select [ Next ].
Define the connection method and the Fully Qualified Domain Name for the site. Select [ Next ].
Define the SSL certificate parameters. Select [ Next ].
Define the Server Licensor Certificate name. Select [ Next ].
Select [ Register the SCP now ] and select [ Next ].
Select [ Install ].
View the logs in the directory defined in the CSP configuration file to confirm success and that no errors occured.