Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1
Topic Last Modified: 2007-11-08

Planning for the integration of the Active Directory Rights Management Services (AD RMS) Prelicensing agent into your Microsoft Exchange environment requires software updates and setup procedures, in addition to coordination between you, as Exchange administrator, and the AD RMS administrator.

The AD RMS Prelicensing agent is included in Microsoft Exchange Server 2007 Service Pack 1 (SP1). You must be running Exchange 2007 SP1 on all Hub Transport servers in your organization to enable the AD RMS functionality in Exchange 2007.

Understanding RMS and the AD RMS Prelicensing Agent

The term Rights Management Services (RMS) encompasses all the server and client technologies that are required to support Information Rights Management (IRM) in an organization. The AD RMS certification root and licensing clusters in the organization, together with the Microsoft-hosted RMS services, which are services that run the enrollment, activation, and RMS account certification services, certify trusted entities that are in the AD RMS system. In addition, the AD RMS licensing servers in the organization issue publishing and use licenses that control how rights-protected content is used by the AD RMS-enabled client applications. RMS client technologies, including the AD RMS client, lockbox, and RMS-enabled applications such as Microsoft Outlook, run on client computers and let users create, publish, and use rights-protected content.

The different AD RMS client and server technologies work together to support the following functions:

  • Creating rights-protected content

  • Licensing and distributing rights-protected content

  • Acquiring licenses to decrypt rights-protected information and enforcing usage policies

The Active Directory directory service provides authentication for users of RMS.

AD RMS Prelicensing Agent

The AD RMS Prelicensing agent, which is a managed software component that performs a task in response to an application event, uses this technology to deliver content to e-mail recipients through Microsoft Office Outlook 2007 and Microsoft Windows Mobile 6.0.

The AD RMS Prelicensing agent improves the experience of Exchange users when they open rights-protected e-mail messages. Users no longer have to wait for the e-mail client to contact an AD RMS cluster to open a rights-protected message. This functionality improves the offline and mobile device synchronization scenarios. In the offline scenario, when a user is running Outlook in cache mode, rights-protected messages are pre-licensed so that if a user opens the rights-protected message when the user is offline, the content is accessible. For mobile devices that synchronize with Exchange 2007, rights-protected messages that are synchronized to the devices running Windows Mobile 6.0 are pre-licensed.

The AD RMS Prelicensing agent is part of the Exchange 2007 installation but is not enabled or configured.

Working with the AD RMS Administrator

To use the AD RMS Prelicensing agent, you must collaborate with the AD RMS administrator to upgrade the AD RMS server or AD RMS cluster to RMS Server 1.0 SP2 or to Active Directory Rights Management Services on Windows Server 2008 – X64.

Note:
The AD RMS server can be configured to use either the HTTP protocol or the HTTPS protocol when it communicates with the AD RMS Prelicensing agent. By using the HTTPS protocol (HTTP over SSL), you prevent unauthorized users from monitoring traffic to determine who is receiving rights-protected messages.

AD RMS Software Requirements

Exchange 2007 requires the following software versions to use the AD RMS Prelicensing agent:

  • Windows RMS Client 1.0 SP2 or Active Directory Rights Management Services client on Windows Server 2008 – X64 must be installed on the Exchange 2007 Hub Transport server that hosts the AD RMS Prelicensing agent.

    Note:
    Active Directory Rights Management Services client is installed by default on Windows Server 2008 - X64.
  • RMS Server 1.0 SP2 or Active Directory Rights Management Services on Windows Server 2008 – X64 must be installed on AD RMS servers that issue licenses.

For information about how to download the Windows RMS Client on Windows Server 2003 SP2 release, see Windows Rights Management Services Client with Service Pack 2 - X64.

For information about how to download the RMS Server 1.0 SP2 release, see Windows Rights Management Services.

For information about the feature changes between Windows Server 2003 and Windows Server 2008, see Terminology Changes.

For More Information

For more information about how to plan for the AD RMS Prelicensing agent, see Understanding the AD RMS Prelicensing Agent.

For more information about how AD RMS works and about configuration tasks for the AD RMS administrator, see How RMS Works.