Thursday, August 11, 2011 8:57 AM
I am working on a scenario : One of my customer has a resources forest, hosting an Exchange 2010 Organization. Each Mailboxes are linked Mailbox, linked to an user account in a domain account (Branch Forest). There are many Branch Forest. We want to deploy RMS for all Branches Forest.
I have found this article, that provide a great step by step : http://technet.microsoft.com/fr-fr/library/ee918789(WS.10).aspx
But I was hoping to use AD RMS with AD FS, in surch this scenario : Deploy AD RMS and AD FS in the resources Forest, and only deploy AD FS in Branches domain. But it seems that with this deployment, users in a Branch Domain cannot create protected documents, only consume protected documents. Is that true?
Thank you for your answer and for your advice in implementing this kind of scenario
Olivier Detilleux - Service Line Manager | Core Infrastructure Department - vNext http://www.vnext.fr - http://myitforum.com/cs2/blogs/forefrontsecurity/
Tuesday, May 15, 2012 10:25 AM
We are implementing this architecture (with AD FS 2.0) for one of our customers and I can say that the answer is Yes
Users located in the Branch office will not be able to create a protected document, only consume the protected document
Idan Plotnik, Identity and Security Engineer, MVP
Foreity - Intelligent Security
- Marked As Answer by Brad Mahugh - MSFTModerator Thursday, April 25, 2013 11:13 PM