In general, we can password the Word file, set to read-only, prohibit copying or even the content into a picture to protect, but this is limited to a small number of personal documents, if it is the enterprise daily production of a large number of Word documents easy to use this method is not good, Today we introduce the technical solution is through adrms to protect the enterprise's large number of documents. Most enterprises pay more and more attention to the establishment of KM (knowledge management system) the establishment of KM can effectively solve the problem of enterprise in knowledge management for some confidential documents with commercial interest (e.g. product Development specification file), How to avoid the information outflow in the management of security? Next we learn more about Microsoft's IRM solution, which allows managers to make advanced security management of file and email delivery.
The solution of IRM is simply to manage the rights to copy, cut, print, archive, save, and forward the message for the content of a particular file, and IRM is not a panacea, of course. IRM does not prevent malicious programs (for example, Trojan horses, key loggers, and certain types of spyware) from purging, stealing, or capturing and transferring content, manually copying or typing restricted content by the display on the recipient's screen, copying restricted content using a third-party screen capture program, There is no way to do this.
IRM can be run in two ways, namely, the integrated operation of IRM and. Netpassport, and the Wrms (windowsrightsmanagementservices) which is built directly into the enterprise. In WindowsServer2008 we call it a adrms (activedirectoryrightsmanagementservices) server role. The use of IRM is very simple, as long as you open the above mentioned MicrosoftOffice2007, the first execution will appear as a picture of the information window, in the information content prompts us to first connect to the Microsoft Web site, If you use OFFICE2003 will download the client software (MSDRMClient.exe).
For users who do not have a copyright Management Server (adrms) in the Enterprise, Must be used in conjunction with Microsoft.netpassport services, so that only a single user can achieve the goal of self file management, and each time an IRM service is required, it must be connected to the Microsoft Web site. Therefore for the enterprise real IRM application, not only cannot do the effective authority centralized management, but also cannot as the enterprise long-term use.
Install Adrms
Let's take a look at installing Setup adrms on WindowsServer2008. But the premise is that you have to properly configure the Active Directory and install IIS. For 2008 domains, the security policy for the default domain differs from the 2000 domain. Requires that the password for the domain user must meet complexity requirements, and that the minimum password length is 7. Password complexity includes three: first, capital letters, lowercase letters, numbers, symbols four must have 3, the second is the minimum password length of 6, three is the password should not include all or part of the user name. To make it easier to create ad users, we need to modify the password policy, first enter Gpmc.msc, select the Default Domain policy in Domain Policy Lee, right-click the button