OK. Today's feature presentation will complete our IRMCheck series. After this lesson everyone who reads this will be dubbed 'the expert' within your company walls, so beware...reading this may cause you to be given MORE WORK!
RMA Activation Service - HKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Activation\ServiceLocationReg_SZ:defaultValue:<http://url.to.your.rms.server/_wmcs/Certification>
Not Documented. This is similar to the ActivationServer setting for Office, but this applies to the Rights Management Add-on (RMA) for IE. What is the RMA for I.E.? Well, lets say that you don't have Office 2003, but you want to be able to open RMS protected content. Install this puppy, and you will be able to view (not edit), RMS protected content, assuming you have everything setup properly. BEWARE: RMA is in maintenance mode right now, which means there will be no further releases. We are moving to wards XPS format, and there is (or will be) a nifty replacement plug-in for RMA.
Another oddity about this is that you can actually set this in several places either under HKLM, or HKCU. RMA checks in both places. You can also control which particular service you want to control activation to, by setting the ServiceLocation key under the following other keys:
HKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Activation\WindowsAuthProvider\<DOMAIN>\ <--To be really specificHKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Activation\WindowsAuthProvider\ <-- To blanket all WindowsAuthHKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Activation\PassportAuthProvider\ <-- Passport ServiceHKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Activation\ <-- Blanket everything RMA
RMA Enterprise Certification Service - HKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Certification\ServiceLocationReg_SZ:defaultValue:<http://url.to.your.rms.server/_wmcs/Certification>
Not Documented. This is similar to the CorpCertificationServer setting for Office, but this applies to the Rights Management Add-on (RMA) for IE, and similar keys apply as above:
HKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Certification\WindowsAuthProvider\<DOMAIN>\ <--To be really specificHKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Certification\WindowsAuthProvider\ <-- To blanket all WindowsAuthHKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Certification\ <-- Blanket everything RMA
RMA Cloud Certification Service - HKEY_LOCAL_MACHINE\Software\Microsoft\RMA\Certification\PassportAuthProvider\ServiceLocationReg_SZ:defaultValue:<http://url.to.your.rms.server/_wmcs/Certification>
Not Documented. This is similar to CloudCertificationServer setting for Office, but this applies to the Rights Management Add-on (RMA) for IE.
RM Activation Service - HKEY_LOCAL_MACHINE\Software\Microsoft\MSDRM\ServiceLocation\ActivationReg_Sz: defaultValue:<http://url.to.rms/_wmcs/Certification>
These are the 'Big Daddy' keys of RMS. Setting these will control 'any' RMS enabled application on your machine. These are the 'God' keys if you will. If you don't want granularity, set these.
RM Enterprise Client Enrollment Service - HKEY_LOCAL_MACHINE\Software\Microsoft\MSDRM\ServiceLocation\EnterprisePublishingReg_Sz: defaultValue:<http://url.to.rms/_wmcs/Licensing>
See above description.RM Cloud Client Enrollment Service - HKEY_LOCAL_MACHINE\Software\Microsoft\MSDRM\ServiceLocation\CloudPublishingReg_Sz: defaultValue:<http://url.to.passport.service/_wmcs/Licensing>
See above description, and follow those instructions.
Use Proxy Server - This specifies if the proxy server is turned on for the client.Proxy Server - This specifies what the proxy server URL is.Don't use proxy server for - This specifies what the exception list for the proxy server is. Use proxy autoconfig script from - This specifies where the proxy autoconfig location is.IE Enhanced Security - This specifies if Windows 2003 Enhanced IE security is turn on.The Enterprise Service Discovery Results Section====================================================This section shows the results of calling DRMGetServiceLocation() function (mentioned in IRMCheck Pt. 3) to find the local Enterprise RMS services. The following table correlates the IRMCheck information to the DRMServiceLocation() flags.RM Activation Service - DRM_SERVICE_TYPE_ACTIVATION - Machine activation serviceRM Certification Service - DRM_SERVICE_TYPE_CERTIFICATION - Rights Account Certificate activation serviceRM Online Publishing Service - DRM_SERVICE_TYPE_PUBLISHING - Issuance License signing service.RM Client Enrollment Service - DRM_SERVICE_TYPE_CLIENTLICENSOR - Client Licensor Certificate service. This is going to tell you if you have properly registered your SCP. :)
I hope that all of this information was useful, and informative. If you already knew all of this, then go out and buy yourself a t-shirt that says RMS GURU. Just don't wear it to work, or they will give you more work. :)
Hi Jason, great review.
Can you please elaborate on the "Use proxy autoconfig script from" entry.
How is it used in an organization, what is an autoconfig script?