Which additional configuration settings should you configure?

HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server2 that runs Windows Server 2012 R2.
You are a member of the local Administrators group on Server2. You install an Active
Directory Rights
Management Services (AD RMS) root cluster on Server2.
You need to ensure that the AD RMS cluster is discoverable automatically by the AD RMS
client computers and the users in contoso.com.
Which additional configuration settings should you configure? To answer, select the
appropriate tab in the answer area.

HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server2 that runs Windows Server 2012 R2.
You are a member of the local Administrators group on Server2. You install an Active
Directory Rights
Management Services (AD RMS) root cluster on Server2.
You need to ensure that the AD RMS cluster is discoverable automatically by the AD RMS
client computers and the users in contoso.com.
Which additional configuration settings should you configure? To answer, select the
appropriate tab in the answer area.

Answer:

Explanation:

http://technet.microsoft.com/en-us/library/cc753538(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc755112.aspx

Show Hint

Leave a Reply 8

Your email address will not be published. Required fields are marked *

Joe

Joe

on the SCP tab you can specify a URL that clients use to connect to the AD RMS cluster

Reply

JeanMalot

JeanMalot

SCP is wrong.
https://technet.microsoft.com/en-us/library/cc725573(v=ws.11).aspx
Register a Service Connection Point
“Membership in the AD RMS Enterprise Administrators and the Enterprise Admins group in AD DS, or equivalent, is the minimum required to complete this procedure.”

user is not an enterprise admin so he cannot setup SCP.

Another way to provide automatic discovery to client is to add an Extranet Cluster URL
https://technet.microsoft.com/en-us/library/cc755112(v=ws.11).aspx
“The last method for AD RMS client service discovery is by means of the issuance license. When rights-protected content is published, the intranet as well as the extranet licensing service URLs are added to the issuance license. When an AD RMS client opens the rights-protected content for the first time and the other methods of service discovery are not available, the client can retrieve the licensing URLs from the issuance license.”

Extranet URLs are configured from Cluster URLs tab.

Reply

MalotJean

MalotJean

SPC is wrong. User does not have appropriate permissions to set up an SPC.

Register a Service Connection Point
“Membership in the AD RMS Enterprise Administrators and the Enterprise Admins group in AD DS, or equivalent, is the minimum required to complete this procedure.”
https://technet.microsoft.com/en-us/library/cc725573(v=ws.11).aspx

AD RMS Client Service Discovery
“The last method for AD RMS client service discovery is by means of the issuance license. When rights-protected content is published, the intranet as well as the extranet licensing service URLs are added to the issuance license. When an AD RMS client opens the rights-protected content for the first time and the other methods of service discovery are not available, the client can retrieve the licensing URLs from the issuance license.”
https://technet.microsoft.com/en-us/library/cc755112(v=ws.11).aspx

Extranet URLs are configured from Cluster URLs tab. That’s the correct answer.

Reply

testing king

testing king

“AD RMS Enterprise Administrators

Members of this group have access to all features in the AD RMS console. During installation of AD RMS, the installing user account is automatically added to this group.”

https://technet.microsoft.com/en-us/library/cc731135%28v=ws.11%29.aspx

answer is SCP

Reply

HentyIII

HentyIII

AD RMS Enterprise Administrators membership is not enough.
You need to be member of both AD RMS Enterprise Administrators (local group) *and* Enterprise Admins in AD (AD group) in order to change SCP.

Cluster URLs is correct.

Reply

Ladybug

Ladybug

Ok to be able to manage SPC we need :
AD RMS Enterprise Administrators (local group) *and* Enterprise Admins in AD (AD group)

So with this information below:

AD RMS Enterprise Administrators

Members of this group have access to all features in the AD RMS console. During installation of AD RMS, the installing user account is automatically added to this group.”

So now we also have it rite or adding manually
==================

Base on the description below:
Administrators

Builtin container

This group has complete control over all domain controllers and all directory content stored in the domain, and it can change the membership of all administrative groups in the domain. It is the most powerful service administrative group.

===================
Enterprise Admins

Users container

This group is automatically added to the Administrators group in every domain in the forest, providing complete access to the configuration of all domain controllers.

===================

This means now we have enough permission to manage SPC base in this story rite?

SCP ? please correct me if I am wrong

Reply