The following steps in this checklist describe the tasks required to configure identity federation support with Active Directory Rights Management Services (AD RMS) cluster.
- Assign a secure sockets layer (SSL) certificate to the Web site
that will be hosting the AD RMS cluster.
- Install and configure the AD RMS cluster.
- Grant the AD RMS service account privileges to Generate
Security Audits found in the Local Security Policy console.
This privilege allows the AD RMS service account to generate
events and write them to the Security log.
- On the AD FS resource partner, create a claims-aware
application for the AD RMS certification and licensing
pipelines.
- Configure the AD RMS extranet cluster URL by using the
Active Directory Rights Management Services console.
- Add the AD RMS Identity Federation Support role service by
using Server Manager.
For detailed instructions about setting up AD RMS and AD FS, see AD RMS with AD FS Identity Federation Step-by-Step Guide (http://go.microsoft.com/fwlink/?LinkId=72135).