On a recent project I got the chance to work with Information Rights Management with SharePoint 2007. I decided that it would be quite useful if even only for me and maybe my colleagues to document the process I took to get it working with SharePoint. So to begin in my now demonstration system I have the following:
Domain Controller - Windows 2003 R2 + IRM SP2
Database Server - Windows 2003 R2 + SQL Server 2005 SP2
SharePoint Server - Windows 2003 R2 + SharePoint 2007 Enterprise and Reporting Services
So let's begin by installing IRM on the domain controller, obviously best practice would choose to not install it on a DC but for demonstration purposes I would say it is ok. Anyway firstly you will need to download the following files and copy them to the following servers:
|
File |
Server |
|
WindowsRightsManagementServicesSP2-KB917275-Server-ENU.exe |
Domain Controller in this system or your IRM Server |
|
WindowsRightsManagementServicesSP2-KB917275-Client-ENU-x86.exe |
SharePoint Server |
Click the file to start the install process on the IRM Server and just follow the wizard for a base install. It should only take a short while. Once it is completed you should then be able to see the "Windows RMS" menu items on the start menu.
Select the option "Windows RMS Administration" and the following page should lad within your browser.
As you can see I only have one web site on my server, that is the default web site and for this installation we will use this one. Click the "Provision RMS on this Web Site" and the configuration page should load asking for the following details:
If you are connected to the internet then you can use the "Online" option, in my demonstration my VM's are not connected to the internet so I will show you how to enrol the server offline.
Once all the items have been completed the application should then start the provisioning process. You should get the "Cog" screen appear and show you the current process of the provisioning process.
NOTE: if you get the following error and you are trying to install IRM on a domain controller you will need modify the domain controller policy to allow the "RMS_Service" acount (if that is what you have a called it) to "Log on Locally" to the server. Once done it should continue and complete.
The completed screen should look like this:
Now we need to access the "Global Administration Home Page" by selecting the link shown above. As I have chosen to not enrol online due to the servers not being connected to the internet I am now prompted to enrol the server:
By clicking the "Enrol" option I am then prompted again to select what type of enrol I wish to complete. Once again I am going to select the "Offline" option and then press the "Export" option to get the first half of the security key.
Save the file to your machine somewhere as you will need this later on. You will then need to access the following website:
https://go.microsoft.com/fwlink?LinkId=25828
The following site should load:
All you then need to do is browse to the server key you saved earlier and then submit it to the Microsoft Servers. This will then create you the enrol key that you need and ask you to save the file to your machine again.
Once saved you will then need to import this key into the enrol screen that you should still have open.
Once you have said yes to import it should then enrol your server and return the following page.
Now we have the server enrolled we are ready to connect it to our SharePoint Server. As a note at this point we only have a very "vanilla" system that will work perfectly but isn't really configured for users yet. In the next post we will configure the SharePoint Server.