Does this meet the goal?

An organization uses an Active Directory Rights Management Services (AD RMS) cluster named RMS1 to protect content for a project. You uninstall AD RMS when
the project is complete.
You need to ensure that the protected content is still available after AD RMS is uninstalled.
Solution: You enable the decommissioning service by using the AD RMS management console. You grant all users the Read & Execute permission to
the decommission pipeline.
Does this meet the goal?

An organization uses an Active Directory Rights Management Services (AD RMS) cluster named RMS1 to protect content for a project. You uninstall AD RMS when
the project is complete.
You need to ensure that the protected content is still available after AD RMS is uninstalled.
Solution: You enable the decommissioning service by using the AD RMS management console. You grant all users the Read & Execute permission to
the decommission pipeline.
Does this meet the goal?

A.
Yes

B.
No

Explanation:
The proper procedure is:
Inform your users that you are decommissioning the AD RMS installation and advise them to connect to the cluster to save their content without AD RMS protection.
Alternatively, you could delegate a trusted person to decrypt all rights- protected content by temporarily adding that person to the AD RMS super users group.
After you believe that all of the content is unprotected and saved, you should export the server licensor certificate, and then uninstall AD RMS from the server.

Show Hint

Leave a Reply 6

Your email address will not be published. Required fields are marked *

no

no

This should be, B: NO
To have AD RMS content available after uninstall, you must first tell your users to save their AD RMS content without protection, then DECOMMISSION the AD RMS Cluster, not simply uninstall.

Reply

hippo

hippo

dude, stop fucking commenting with wrong bulshit explanations you’ve learned from some stupid ass dump. The explanation fully explains everything and your annoying comment doesn’t help at all people. Answer is correct. Please, STFU…

https://technet.microsoft.com/en-us/library/cc771071(v=ws.10).aspx

Reply

no

no

Funny, you’re on the same website and you’ve obviously gotten here the same way 🙂 You must be a joy in person…

Reply

Zola

Zola

To decommission AD RMS
Log on to the server on which you want to decommission AD RMS.
Modify the access control list (ACL) on the decommissioning.asmx file by granting the Everyone group Read & Execute permissions. The default location for this file is %systemdrive%\inetpub\wwwroot\_wmcs\decommission.
Open the Active Directory Rights Management Services console and add the AD RMS cluster.
Expand the AD RMS cluster, expand Security Policies , and then select Decommissioning .
Select the Enable Decommissioning option in the Actions pane.
Click Decommission .
When prompted, click Yes to confirm that you want to permanently decommission the AD RMS installation.
Repeat steps 1–7 for all AD RMS servers in the cluster.
Inform your users that you are decommissioning the AD RMS installation and advise them to connect to the cluster to save their content without AD RMS protection. Alternatively, you could delegate a trusted person to decrypt all rights-protected content by temporarily adding that person to the AD RMS super users group.
After you believe that all of the content is unprotected and saved, you should export the server licensor certificate, and then uninstall AD RMS from the server.

Reply

Zola

Zola

so answer is yes

Reply

Zola

Zola

The other way of decommissioning AD RMS is
At the Windows PowerShell command prompt, type:
Set-ItemProperty -Path :\ -Name IsDecommissioned -Value $true -EnableDecommission
where is the name of the Windows PowerShell drive.
This is done without the interface. and then after everyone has unprotecting their shit you can uninstall the AD RMS

Reply