Active Directory Rights Management Services (RMS) l mt dch v nhm bo v bn quyn cho tc gi trnh tnh trng sao chp,

chnh sa cc ti liu m tc gi chia s ccUser khc. Cc kiu d liu m Active Directory Rights Management Services h tr l Microsoft Office 2003, Microsoft Office 2007. Trong bi ti s ng dng RMS trong vic bo v bn quyn trong MS Word v MS Office Outlook trnh tnh trng ngi nhn chnh sa ti liu cng nh Forward ni dung th cho ngi khc. V RMS i hi phi c Certificate chng thc nn trong h thng chng ta cn phi c mt CA Server, v tn dng ti a kh nng mnh m ca RMS i hi h thng ta phi nng cp ln DC Trong m hnh ny ti s dng 2 my trong : - My PC01 l my DC Server c domain l gccom.net v s t mt s dch v nh CA Server, Web Server, Mail Server - My PC02 l chy Vista ng vai tr l my Client ci cc ng dng Microsoft Office Outlook, Microsoft Office Word Join vo Domain Cu hnh IP cc my nh sau:

My

c tnh
Name IP Address Subnet Mask Default gateway Preferred DNS

PC01
Server
192.168.1.1

PC02
Client
192.168.1.2

Card Lan

255.255.255.0

255.255.255.0

Card Cross

IP Address Subnet Mask Default gateway Preferred DNS

Card Lan: ni gin tip 2 my PC01 & PC02 vi nhau thng qua Switch Card Cross: ni trc tip cc cp my PC01 vi PC02

Ti my DC Server bn vo Active Directory Users and Computers to 3 User l gccom1, gccom2, gccom3 Test To mt User gccomRMS User ny dng qun l chng thc cho RMS

Tip tc bn Add User gccomRMS vo Group Domain Admins

Bc tip theo ti s tin hnh ci t mt Mail Server trong bi cho n gin ti s ciMail Server ln my DC Server v chng trnh Mail Server m ti s dng l Kerio Mail Server v6 To mn hnh Configuration ca Kerio MailServer bn nhp Domain ca DC Server vo Domain Hostname bn nhp tn y ca Mail Server

Kerio MailServer s yu cu bn to mt Mailbox mi vi Account ny s dng qun l ton b User trong Kerio MailServer, trong bi ti to mt Account mi l Admin

Sau khi ci t hon tt bn vo Start -> Programs -> Kerio -> Administration Console chy chng trnh chnh Kerio MailServer

Ti mn hnh ng nhp bn nhp Account Admin vo v nhp Connect

Tip tc chn Domain Settings -> Users Chn Add th to thm cc Mailbox mi

Ti to mt Mailbox mi vi User l mail1

Tng t to cc Mailbox khc l mail2 , mail3

Nhp Apply thc thi

Tr li Active Directory Users and Computers gn a ch Email cho cc User tng ng nh sau: gccom1 c Email l mail1@gccom.net gccom2 c Email l mail2@gccom.net gccom3 c Email l mail3@gccom.net

ng nhp vi gccom1 v gi mt mail test n gccom2 xc nhn rng h thng phi gi v nhn Mail tt

By gi ta s tin hnh ci t Cerificate trong bi cho n gin ti s c Certificate ln ngay my DC Server Ti my DC Server bn chn Server Manager -> Roles -> Add Roles Tip tc chn Active Directory Certificate Services trong mn hnh Select Server Roles

Trong mn hnh Select Role Services bn chn 2 mc l Certificate Authority vCertificate Authority Web Enrollment

V mi trng chng ta l Domain nn trong mn hnh Specify Setup Type bn chnEnterprise

Mn hnh Server Manager sau khi ci t Certificate hon tt

Bc tip theo ta s cu hnh IIS h thng t ng chng thc Certificate cho RMS

Bt Internet Information Services (IIS) ln chn Server Certificates trong Server Home

Trong mn hnh Server Certificates ta thy xut hin 2 Certificate y chnh l ccCertificate ca CA Server v DC Server V mi trng ta l Domain nn ti mn hnh Server Certificates click chn Create Domain Certificate

Nhp chnh xc tn ca CA Server vo Common name cc cn li ty

Trong ca s Online Certification Authority bn nhp chn Select

Chn Certificate ca CA Server trong bi chnh l gccom-SERVER-CA

t tn cho Certificate ny trong mc Friendly name trong bi ti t tn cho Certificate ny l Rights Management Services

Mn hnh sau khi hon tt

Tip tc chn Default Web Site trong IIS Nhp phi vo SSL Settings chn Bindings

Ca s Site Bindings hin ra nhp chn Add

Add thm mt Type mi l https v chn Rights Management Services trong SSL certificate

Mn hnh sau khi hon tt

n y ta hon tt vic cu hnh cc dch v cn thit l ng c tin n thip lpRMS cho h thng (cn tip)