Leverage the Mobile Device Extension for ad rms


Deploying the Mobile Device Extension for AD RMS



Yüklə 3,87 Mb.
səhifə18/20
tarix16.08.2018
ölçüsü3,87 Mb.
#63133
1   ...   12   13   14   15   16   17   18   19   20

Deploying the Mobile Device Extension for AD RMS


The Mobile Device Extension for AD RMS have to be installed on all the nodes in an AD RMS cluster. In our test lab environment’s configuration, all the instructions below should be done on the ADRMS1 computer.

Disabling the IE Enhanced Security Configuration (ESC)


The installation of the Mobile Device Extension implies to download a file from the Internet and should consequently be authorized.

Since the ADRMS1 computer is intended to run on a test lab environment, the IE Enhanced Security Configuration could be disabled for the course of the installation operations.

To disable the IE Enhanced Security Configuration (ESC), proceed with the following steps:


  1. Open a remote desktop connection as LITWARE369\AzureAdmin on the ADRMS1 computer if needed.

  2. Open an elevated Windows PowerShell command prompt if none, and run the following commands:

PS C:\Users\AzureAdmin.LITWARE369> $adminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"

PS C:\Users\AzureAdmin.LITWARE369> Set-ItemProperty -Path $adminKey -Name "IsInstalled" -Value 0

PS C:\Users\AzureAdmin.LITWARE369> $userKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"

PS C:\Users\AzureAdmin.LITWARE369> Set-ItemProperty -Path $userKey -Name "IsInstalled" -Value 0

PS C:\Users\AzureAdmin.LITWARE369> Stop-Process -Name Explorer

PS C:\Users\AzureAdmin.LITWARE369>

Downloading the Mobile Device Extension for AD RMS


To download the Mobile Device Extension for AD RMS, proceed with the following steps:

  1. From the previous remote desktop connection, open a browsing session and navigate to http://www.microsoft.com/en-us/download/details.aspx?id=43738.

  2. Click Download.



  1. Click Save.

  2. Close the browsing session.

Installing the Mobile Device Extension for AD RMS


To install the Mobile Device Extension for AD RMS, proceed with the following steps:

  1. From the previous remote desktop connection, open a command prompt, navigate to the location of the .exe file, and run the following command to start the setup:

PS C:\Users\AzureAdmin.LITWARE369> cd Downloads

PS C:\Users\AzureAdmin.LITWARE369\Downloads> .\ADRMS.MobileDeviceExtension.exe
The Active Directory Rights Management Services Mobile Device Extension Setup Wizard pops up.



  1. Click Next.



  1. Check I accept the terms in the License Agreement and click Next.



  1. Type the URL of the AD FS server that you configured previously, for example “https://adfs.litware369.comin our illustration, and then click Next.



  1. Click Install.



  1. Click Finish to complete the wizard.

Publishing the Mobile Device Extension endpoints over the Internet


To publish the Mobile Device Extension endpoints over the Internet, proceed with the following steps:

  1. Open a remote desktop connection as LITWARE369\AzureAdmin on the EDGE1 computer if needed.

  2. Open an elevated Windows PowerShell command prompt if none, and run the following commands:

PS C:\Users\AzureAdmin.LITWARE369> $certificateThumbprint = (Get-ChildItem cert:\LocalMachine\MY -DnsName "*adrms*" | Select-Object -First 1).Thumbprint

PS C:\Users\AzureAdmin.LITWARE369> Add-WebApplicationProxyApplication -Name "Microsoft Rights Management Mobile Device Extension" -BackendServerUrl https://adrms.litware369.com/_wmcs/ -ExternalPreauthentication "PassThrough" -ExternalUrl https://adrms.litware369.com/_wmcs/ -ExternalCertificateThumbprint $certificateThumbprint

PS C:\Users\AzureAdmin.LITWARE369> Add-WebApplicationProxyApplication -Name "Microsoft Rights Management Mobile Device Extension" -BackendServerUrl https://adrms.litware369.com/my/ -ExternalPreauthentication "PassThrough" -ExternalUrl https://adrms.litware369.com/my/ -ExternalCertificateThumbprint $certificateThumbprint


Since the AD RMS server is published through WAP, in addition to publishing the /_wmcs folder to the Internet, you need to also publish the /my folder, i.e. https:// adrms.litware369.com/my.

As this point, the semi-automated guided construction of the Azure-based test lab environment is complete.

You may wish to test some content protection scenarios to ensure that the Mobile Device Extension for AD RMS along w/ all the pre-requisites are correctly configured and worked as expected.


Testing the Mobile Device Extension


The Azure-based test lab environment enables to easily test the Mobile Device Extension endpoints from any supported devices connected on the Internet thanks to the above publication of the related endpoints over the Internet.

For that purpose, you can use the release of the RMS Sharing application for Android available at https://portal.aadrm.com that is specially designed to work with the Mobile Device Extension.

If you don’t have any Android device in your possession to do the testing, section § Simulating an Android device in the Appendix provides a procedure to create a virtual machine running on Hyper-V on your local Windows machine to fully emulate such an Android device with an Internet connection.


Yüklə 3,87 Mb.

Dostları ilə paylaş:
1   ...   12   13   14   15   16   17   18   19   20



Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©genderi.org 2024
rəhbərliyinə müraciət
    Ana səhifə
Psixologiya