Active Directory Rights Management Service (AD-RMS) and Windows Certificate Authority (CA)
We have AD-RMS and our own CA currently installed, but we are having trouble pushing out AD-RMS templates, and need to run some tests to find out if there is an incompatibility with some of the Company Security Software.
We need a quick review of our setup, and guidance on additional configuration and deployment.
Need to review using security certificates to encrypt .PDF files.
We have just been asked to expand usage of our AD-RMS infrastructure to other Company divisions (to people not in our Active Directory)
need help designing and rolling out that capability.
Our PKI has a stand-alone, offline root CA implemented as a Hyper-V VM (2GB ram, 2 cores).
Our PKI has an enterprise subordinate CA implemented as a Hyper-V VM (2GB ram, 2 cores).
The certificate on our subordinate CA expired recently
we were able to renew it and all the server certs that it had issued, but RMS is still handing out an expired certificate.
Our AD-RMS infrastructure has 2x Hyper-V VMs (2GB ram, 2 cores) configured in an RMS cluster.
4. Exchange 2010
We have Exchange 2010 installed, configured and working.
We need some help on requiring client certificates for OWA and ActiveSync access, and on how to block access to attachments when using OWA and ActiveSync, but not when using Outlook.
A complete audit of configuration and settings would be welcome.
Exchange is deployed on a single Hyper-V VM (8GB ram, 4 cores, 127GB HDD for system, 6GB HDD for logs, 18GB HDD for databases), running the Hub, Mailbox and Client Access roles.
We are covered for both user and device CALs.
We have not yet set limits on the types of mobile device hardware that will be supported.
Our need here is to provision 2-factor authentication and restrict access to attachments.
An audit is fine, but not required.