Trusted user domains (TUDs) enable an AD RMS cluster to provide licenses to users whose rights account certificate (RAC) was granted by another server in a AD RMS cluster. Exporting a TUD and importing it into another AD RMS cluster allows the cluster to process requests for use licenses from users whose rights account certificates (RACs) are in a different cluster.

Membership in the local AD RMS Enterprise Administrators, or equivalent, is the minimum required to complete this procedure.

To export a trusted user domain
  1. Open the Active Directory Rights Management Services console, and then expand the AD RMS cluster.

  2. In the console tree, expand Trust Policies and then click Trusted User Domains.

  3. In the Actions pane, click Export Trusted User Domain.

  4. The Save As dialog box appears. We recommend that you modify the .bin file name to include the name of your server, such as ADRMS_Cluster1_LicensorCert.bin.

  5. Click Save to save the file with the name and location you specified.

Additional considerations

Additional references