Wednesday 20 February 2013

Considerations for moving or migrating ADRMS



Moving ADRMS is a challenging task which needs proper planning and understanding of the environment. You need to consider keeping back up of the environment i.e. ADRMS database has to be backed up before going for ADRMS upgrade or movement.

Hence first decide whether to upgrade the existing environment or migrate the set up
Upgrading involves the risk of upgrading the server from windows server 2008 to windows server 2008 R2 with the download package available from Microsoft.But migrating the set-up to new windows server 2008R2 would be more safe and feasible option which involves considerably more steps but it’s a reliable option.

Some of the points given on Microsoft TechNet article need to be considered carefully
  •            If you are upgrading from any version of Rights Management Services (RMS) to AD RMS, do the following: Back up the RMS databases and store in a secure location.
  •            If you are using centrally managed keys, you should have the password prior to beginning the upgrade.
  •             AD RMS requires that the service account be a domain user account. If RMS has been using the local SYSTEM account for the service account, you will need to specify a domain user account during the upgrade to AD RMS.
  •            If you used the offline enrolment option to provision RMS, ensure that the enrolment is complete before upgrading to AD RMS.
  •           Flush the RMS Message Queuing queue to ensure that all messages are written to the RMS logging database.
  •           If RMS was provisioned using a hardware security module (HSM), you must reinstall the HSM drivers after the upgrade to Windows Server 2008 is complete, but before you start the upgrade to AD RMS.
  •           If you are using a port other than 80 to host your RMS cluster, the AD RMS Upgrade Wizard will bind two ports to this Web site during the upgrade. You must remove the incorrect binding and restart Internet Information Services before the AD RMS cluster can service requests.
  •            Custom access control lists (ACLs) that are applied to the Administrator and Group Expansion virtual directories are not migrated during the upgrade. If you have a custom ACL on either of these directories, you must set it up manually after the upgrade.
  •            After completing the upgrade to AD RMS, you may receive the following error message when opening the AD RMS console
  •             A connection with the specified AD RMS cluster could not be established. Cannot read configuration file due to insufficient permissions.
  •            You must restart Internet Information Services (IIS) to correct this error.
  •            If RMS is installed but not provisioned and you upgrade to Windows Server® 2008 R2 the upgrade link still appears in Server Manager. If you click this link and RMS was not provisioned, the upgrade fails.

Other things like exporting server licensor certificate and its key is also required to be saved and exported to new server, Update the CNAME records for new ADRMS cluster , check the ADRMS console and see if everything works fine.





Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)