Although users are free to author rights-protected content and define access rights to the content, many organizations want to implement a central policy governing who has access to data and under which rights. On RMS Licensing Servers, you can create templates that define who has access to content, as well as the specific access granted on a per-user or per-group basis and other restrictions, such as how long a user is granted access to content or the validity period for an EUL (useful if you want to force users to obtain new EULs frequently if the rights protection granted to content through templates is likely to change). Figure A shows an example of an RMS template. After you create a template on an RMS Server, you need to distribute it to users on the network as an eXtensible rights Markup Language ( XrML) file. SQL Server stores templates in the RMS configuration database. Office 2003 applications require a registry setting to point to the location of RMS templates. The RMS Server signs the templates, and if a malicious user tries to modify a template in an attempt to change access to rights-protected content, the RMS Client won't allow the template to be used. When an application requests an EUL from the RMS Server for content protected through use of a template, the rights granted to the user are the rights specified in the template stored in the configuration database at the time the EUL request is made, not the rights specified in the template file that was in use when the content was protected. The users, rights, and restrictions contained in the template file are displayed when a data author protects content.
Templates provide an additional feature: the ability to use revocation features built into RMS. When you create a template, you can specify the location of a revocation list, which has a specified period of validity. When a user attempts to use rights-protected content, he or she must have both a valid EUL and a copy of a valid revocation list on the RMS Client. If the user or the content is listed in the revocation list, or if no valid revocation list is available, the user won't be able to access the content. The RMS Client will attempt to download the revocation list from the location specified in the template and copied to the EUL when the EUL was issued, and store it in the user's machine-local profile.
During his first-ever Consumer Electronics Show (CES) 2009 keynote address last night in Las Vegas, Microsoft CEO Steve Ballmer announced the pending public availability of a feature-complete Windows 7, the final version of Windows Live Essentials, and ...
Microsoft Learning Snack - Green IT Through Virtualization Many organizations face rising operating costs caused by excessive energy consumption. Virtualization and "Green IT" can help cut these costs. Get the information you need to bring Green IT savings to your business.
Order Your Fundamentals CD Today! Register today for your in-depth copy of one of three Fundamental CDs on the following topics – Exchange, SQL, and SharePoint.
Microsoft Learning Snack - Virtualization Basics With virtualization, computing components essentially become on-demand services, freeing each element of a system from the others. This short video explains the needs, benefits, and technologies behind virtualization.
Microsoft Learning Snack - Virtualization Basics With virtualization, computing components essentially become on-demand services, freeing each element of a system from the others. This short video explains the needs, benefits, and technologies behind virtualization.
Empower Your Processes with PowerShell 201 Paul Robichaux delves deep into PowerShell how-tos in 3 informative lessons, each followed by live Q&A—all on your own computer! Register today!
Microsoft Learning Snack - Green IT Through Virtualization Many organizations face rising operating costs caused by excessive energy consumption. Virtualization and "Green IT" can help cut these costs. Get the information you need to bring Green IT savings to your business.
New Release: Windows IT Pro Master CD 13 years of content archives, fast answers with advanced search tools, and full access to WindowsITPro.com—order today!
Register
