RMS Overview. Microsoft Active Directory Rights Management Services (ADADRMS) offers Information Protection Technology to help businesses prevent information leakage by applying persistent access rights to their digital assets. Microsoft Rights Management Services for Microsoft Windows Server 2008 The following two software components are required to deploy ADRMS: Server software: ADRMS is an inbuilt in Windows 2008 Server and installed and configured through this. Client software: ADRMS includes a client desktop component called Rights Management Client. This component is required for each user who will create or view rights-protected content. It can be downloaded and installed from Microsoft Windows Update or Microsoft Download. The supported operating systems for ADRMS are Microsoft® Windows® XP, Microsoft Windows Server 2008, Microsoft® Windows® 2000 (Service Pack 3), Microsoft® Windows® 98 Second Edition, and Microsoft® Windows® Millennium Edition. The client software will not ship on the physical media contained in the Volume Licensing kit. Note: To install RMS client or related add-in admin right must be required on local machine. ADRMS-enabled application: At the desktop level, an ADRMS-enabled application is required for creating or viewing rights-protected content. Currently only Office 2003 with SP1, office 2007 and office 2010 is supported . Frequently Asked Questions Q1. How to Identify Right protected mail with other mail I receive? A. When you receive Right protected Mail it marked with Red symbol as shown in below Fig. Q2. What should I do if I’m only viewing rights-protected information? A. An ADRMS CAL is required anytime a user creates or views a rights-protected document, e-mail message, or html content. ADRMS validates that the user has permission to view the rights-protected information. This requires a connection to the ADRMS server where the user’s credentials are verified and then a “usage license” is issued Below is the step to open the right protected mail. Step 1: Double click the mail to get is open Step 2: When prompted click ok Step 3: If try to connect to RMS server to obtain permission Step 4: if prompted type your username HCLTech\Username and then password Step 5: Mail should be get opened Step 6: Check the permission you have. Q3. What do I need on the client-side in order to consume or protect RMS-protected content? A. At a minimum, the RMS client software must be installed to consume and to protect content. Office 2003 Professional (or any other RM-enabled application) must be installed in order to protect content such as Office 2003 documents like Word, Excel etc. To consume Office 2003 RMS-protected content, the recipient can use the Internet Explorer-Add-on (RMA) to render the content within IE if they don’t have Office 2003 installed. 2 Q4. How I can create a protected email? A. To create a right protected mail use below steps. Step 1: Click New button in outlook to create a new mail messages Step 2: Click the drop down list as shown in below figure Step 3: Select the Any of Five available Templates for e.g. to create a mail which cannot forward, reply, print select HCL confidential Policy. Step 4: Type the recipient’s name in To and if like other recipients in CC and then compose the mail and send it. 3 Q5. I am not able to create the RMS protected documents? No templates are available. A. Please ensure you have correct version i.e. Office professional or enterprise version. You cannot create right protected document with standard version of MSOffice. Q6. When I try to open right protected mail /Documents it prompt me to install Right Management Client? A. Your machine do not have right management client or client may be corrupted. Please download and install the latest client from the following URL: https://downloads.hcl.com Q7. How to I create rights protect documents? A. To create a right protected Document use below steps. Step 1: Open word/excel Step 2: Click the drop down list as shown in below figure` (File Menu PrepareRestrict Permission) 4 Step 3: Select the Any of Five available Templates for e.g. to protect the document with only read permission (I.e. no print, copy) use HCL Confidential Step 4: Type the contents in documents and save it. Q8. Which All templates available in RMS? A. There are 5 Basic templates available with RMS which is as below. The following Templates are deployed to protect email/contains. 1. 2. 3. 4. Do not forward - Recipients can read messages, but cannot forward, print, or copy contents HCL Confidential - Only Read Rights. HCL Do Not Reply All - Recipient can only reply and cannot reply all or forward. HCL Expiration - Contents will expire after a week time Q9. How do I access the email protected with Right management through OWA over internet and Intranet. 5 A. To access the right management documents with OWA use below steps. Step1: First Install RMS ad-on for IE (6.1 SP1, IE 7 an IE 8) supported OS W2K SP4, Windows server 2003, Windows XP and Windows 7. After installing RMS ad-on we can able to open restricted mail also from internet using OWA. Note: - RMS Ad-on for IE available at https://downloads.hcl.com Step 2: Click on attachment with message.rpmseg Step 3: Click open when prompted Step 4: Click allow if ask 6 Step 5: when we open message over the internet it will ask authentication. Provide window login credential. Step 6: It check permission with RMS server and get the message opened. Q10: Once I consumed any documents or email which is right protected does it again validate the permission when I reopen it? A. No it will not ask. Q11: If I will face Error message (E_DRM_BIND_VALIDITY_TIME_VIOLATED) while opening protected email via OWA? Step 1: Install update patches on windows 7. Patch is available in https://downloads.hcl.com Step 2: Reboot the system after patch installation and re-open. Step 3: Downloads the update patches as per required OS (http://support.microsoft.com/kb/979099) Q12: Can we access protected e-mail via BlackBerry, Apple, IPODs and Nokia devices? Ans: We can’t access protected e-mail via BlackBerry, Apple, IPODs, and Nokia. As currently there is no default Mechanism to access Right protected documents on these devices. Q13. Can we access protected e-mail with MAC OS. Ans: No, we can’t access protected e-mail via MAC OS. Q14. Can we access protected e-mail via Window mobile? Ans: yes, we can access protected email via Window mobile. Perform these steps to setup Active Directory-Rights Management Services on your Windows Mobile phone: 7 Note:-Windows Mobile version should be 6 or later. 1. Before you can set up AD-RMS on your phone, you need to make sure that you have Active DirectoryRights Management Services installed on your computer. If you’re running Windows Vista, AD-RMS is already installed. If you’re running Windows XP, you’ll need to install it through Add or Remove Programs in the Control Panel (if you don’t see Rights Management Services listed in Add or Remove Programs, you can download it directly from the (https://downloads.hcl.com). If you are able to open protected content (a protected document in Office Word, for instance), you have AD-RMS properly installed and configured. Once you have AD-RMS installed, ensure that your computer is connected to your corporate network and to the domain. 2. Connect your phone to your computer through a USB cable. 3. If you’re using ActiveSync: a. In ActiveSync, on the Tools menu, click Advanced Tools > Activate Information Rights Management. b. In the Information Rights Management Activation dialog box, click Yes, and ActiveSync will try to activate IRM automatically. c. If ActiveSync isn’t able to access your credentials, you’ll be asked to re-enter the information, including your user name, password, and domain. Click Retry. d. After you’ve successfully activated Information Rights Management, click OK. 4. If you’re using Windows Mobile Device Center: a. Click Mobile Device Settings > Activate Information Rights Management. b. Enter your credentials (user name, password, domain), and click Activate. c. After you’ve successfully activated Information Rights Management, click Done. 8 Click on Mobile device settings. Click on Active Information Right Management. 9 Enter window login credential and click on Activate. Q15: If RMS template did not appear in MS Outlook 2010 Profession Plus Ans: when we install MS office 2010 registry value by default not create the path of RMS template store in Local system. Step 1. Check RMS folder is applicable in C:\ Step 2:- Make sure RMS Templates is available or not 10 If RMS template not available install RMS client as per OS requirement, as per step no 6. After installing RMS Client do changes in Registry as per below steps Step 3. HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\DRM\AdminTemplatePath points to %LocalAppData%\Microsoft\DRM\Templates 11 Support Contacts - Email: itsd@hcl.in India: +91 (120) 468-3003 Cell No: +91 99 58 95 01 10 US Toll Free no.: 1-866-218-3833 Extn: 120-4873 HCLT VoIP CUG: 20-4873 12