Setting Properties on Objects in the AD RMS Drive Namespace
Updated: October 22, 2009
Applies To: Windows Server 2008 R2, Windows Server 2008 R2 with SP1
Setting properties on objects in the drive namespace is similar to using a wizard to specify configuration settings when installing a server role. Before you can finish the installation by running the Install-ADRMS cmdlet, you must provide necessary information about the initial configuration of the server role. The following table lists the required settings and the properties that represent those settings in the drive namespace.
| Setting name | Property name | Location |
|---|---|---|
Setting the database server |
ServerName |
<drive>:\ClusterDatabase |
Setting the database name |
DatabaseName |
<drive>:\ClusterDatabase |
Setting the cluster key password |
CentrallyManagedPassword |
<drive>:\ClusterKey |
Setting the service account |
ServiceAccount |
<drive>:\ |
Setting the cluster Web site |
WebSiteName |
<drive>:\ClusterWebSite |
Note
The CentrallyManagedPassword property is not available if you are using either a software- or hardware-based cryptographic service provider (CSP) to protect the cluster key. If you are using a CSP, you must manually move the cluster key to the other computers before installing AD RMS. Consult the CSP documentation for procedures on moving the cluster key.
The following sections describe the configuration settings you must specify by setting properties on objects in the Windows PowerShell drive namespace when adding a server to an existing Active Directory Rights Management Services (AD RMS) cluster.
Setting the database server
When an AD RMS server is provisioned as a member of an existing cluster, it must be configured to use the cluster database server.
To set the cluster database server
At the Windows PowerShell command prompt, type:
Set-ItemProperty -Path<drive>:\ClusterDatabase -Name ServerName -Value <db_server>where <drive> is the name of the Windows PowerShell drive and <db_server> is the name of the cluster database server.
Back to top
Setting the database name
When the AD RMS server role is installed on the first server in a cluster, AD RMS creates a database on the specified server that it uses to record configuration, logging, and other information. When another AD RMS server is joined to the cluster, it must be configured to use the same database.
To set the cluster database name
To list the database instances hosted by the cluster database server, at the Windows PowerShell command prompt, type:
Get-ChildItem -Path<drive>:\ClusterDatabase\DatabaseInstancewhere <drive> is the name of the Windows PowerShell drive.
To list the databases hosted by a database instance, at the Windows PowerShell command prompt, type:
Get-ChildItem -Path<drive>:\ClusterDatabase\DatabaseInstance\<db_instance>where <drive> is the name of the Windows PowerShell drive and <db_instance> is the name of a database instance.
To set the database name, at the Windows PowerShell command prompt, type:
Set-ItemProperty -Path<drive>:\ClusterDatabase -Name DatabaseName -Value “<db_name>”where <drive> is the name of the Windows PowerShell drive and <db_name> is the name of the cluster database.
Back to top
Setting the cluster key password
If you are using AD RMS to centrally manage the cluster key, you must set the cluster key password before you can add the server to the cluster.
To set the centrally managed cluster key password
To securely store the cluster key password in a variable, at the Windows PowerShell command prompt, type:
$password = Read-Host -AsSecureString -Prompt “Password:”Type the cluster key password, and then press the ENTER key.
At the Windows PowerShell command prompt, type:
Set-ItemProperty -Path<drive>:\ClusterKey -Name CentrallyManagedPassword -Value $passwordwhere <drive> is the name of the Windows PowerShell drive.
Back to top
Setting the service account
During installation, AD RMS creates the AD RMS Service Group on the local computer and grants it appropriate permissions on all of the resources that are required for AD RMS to operate. When you install the AD RMS server role, you must define a domain account for use as the AD RMS service account. That account is made a member of the AD RMS Service Group, and it is granted the permissions that are associated with this group. During routine operations, AD RMS runs under the AD RMS service account.
Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.
To set the AD RMS service account
At the Windows PowerShell command prompt, type:
$svcacct = Get-CredentialA dialog box appears.
In the dialog box, type the account domain and name (in the form <domain>\<account>) and password.
At the Windows PowerShell command prompt, type:
Set-ItemProperty -Path<drive>:\ -Name ServiceAccount -Value $svcacctwhere <drive> is the name of the Windows PowerShell drive.
Back to top
Setting the cluster Web site
Before completing the installation of the AD RMS server role, you must specify the Web site where the AD RMS Web services will be installed if you are not using the default Web site. If you have installed the Internet Information Services (IIS) 6 Management Compatibility Service, you can get a listing of the Web sites hosted on the server by typing at a Windows PowerShell command prompt:
Get-ChildItem -Path <drive>:\ClusterWebSite
where <drive> is the name of the Windows PowerShell drive.
Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure.
To set the cluster Web site
At the Windows PowerShell command prompt, type:
Set-ItemProperty -Path<drive>:\ClusterWebSite -Name WebSiteName -Value “<web_site>”where <drive> is the name of the Windows PowerShell drive and <web_site> is the name of the Web site to be used to host the AD RMS Web services.
Back to top
See Also
Concepts
Joining an Existing Cluster
Creating an AD RMS Server Windows PowerShell Drive
Running the Install-ADRMS Cmdlet