3.1.1.1.1 ServerConfiguration ADM Elements
The ServerConfiguration type contains all of the configuration data used by the server to process requests. It contains the following fields.
configurationVersion: An integer that indicates the current version of the ServerConfiguration.
configurationRefreshInterval: The interval of time the server waits between checking whether the StoredConfiguration has changed.
serverVersion: A string that indicates the build version of the server.
name: A string that indicates the friendly name of the server.
SKU: A string that indicates the SKU of the server.
cryptographicMode: Indicates the cryptographic mode of the server. Can be either Mode 1 or Mode 2, as described in section 3.1.4.7.
trustedSpcCAKeys: A list of trusted SPC issuer keys that can be used to determine whether to authorize client requests that involve a given SPC chain. The SPC issuer key can be retrieved from the SPC chain.<24>
SLC: An XrML 1.2 certificate chain that signs the RMS server's public key into the certificate hierarchy.
keyPair: An asymmetric key pair used for encryption, decryption, and signing in the server.<25>
applicationExclusionPolicy: A set of elements of type ApplicationExclusionEntry that define the applications to be excluded in use licenses (ULs) produced by the server.
osExclusionEnabled: A Boolean value that indicates whether OS Exclusion is enabled.
osExclusionPolicy: An optional minimum and maximum version to be included in an OS Exclusion condition of use licenses (ULs) produced by the server.
spcExclusionPolicy: An optional minimum accepted version for the Repository SECURITYLEVEL of an SPC.
racExclusionPolicy: A set of public keys that are not permitted in RACs trusted by the server.
creationTimeTolerance: The amount of time a RAC CredentialCreationTime SECURITYLEVEL is allowed to exceed the publishing license (PL) ISSUEDTIME. This SECURITYLEVEL allows for the reuse of accounts by ensuring that the account was created before the PL was issued. This policy allows for an account to be created a limited time after the PL was issued.
racValidityTime: The length of time a RAC produced by this server is valid.
tempRacValidityTime: The length of time a temporary RAC produced by this server is valid.
federatedRacValidityTime: The length of time a RAC produced by this server is valid when Microsoft Web Browser Federated Sign-On authentication is used.
certificateValidityTimeTolerance: The amount of time to subtract from the ISSUEDTIME while generating a RAC in order to compute the FROM value of the VALIDITYTIME. This allows for the clock on the client to differ by a specified amount from the server.
persistRac: A Boolean flag that indicates whether RACs produced by this server are persisted to an external store.
baseUrl: The base URL of the RMS server.
licensingUrl: The URL of an alternative RMS server to be used for operations in the "/licensing/" virtual directory.
externalCertificationUrl: An optional URL reachable on the Internet (or on an extranet) to be used for operations in the "/certification/" virtual directory.
externalLicensingUrl: An optional URL reachable on the Internet (or on an extranet) to be used for operations in the "/licensing/" virtual directory.
federationEnabled: A Boolean value that indicates whether the server supports Microsoft Web Browser Federated Sign-On authentication.
serverDecommissioned: A Boolean value that indicates whether the server has been decommissioned. A decommissioned server is not intended for normal operation, but can still provide a mechanism to decrypt documents before removing the server. Server decommissioning is specified in [MS-RMSI].
noRightsCacheEnabled: A Boolean value that indicates whether the server will add an entry to its plCache when a RAC has no rights in the corresponding PL.
onlinePublishingEnabled: A Boolean value that indicates whether the server supports online publishing.
trustedRacIssuers: A set of public keys from SLCs of servers that are trusted to issue RACs.
trustedLicensingServers: A set of elements of type TrustedLicensingServer specifying the servers on behalf of which this server can issue use licenses (ULs).
superUserEnabled: A Boolean value that indicates whether the superUserGroup is used when processing licensing requests.
superUserGroup: The email address of a group whose members receive full access when requesting a UL from this server, regardless of the policy in the PL.
publishedTemplates: A set of zero or more XrML 1.2 certificates. Each element of the set is a Rights Policy Template (section 2.2.9.10). These templates are used for template distribution.
archivedTemplates: A set of zero or more XrML 1.2 certificates. Each element of the set is a Rights Policy Template. These templates are not distributed but can still be used for evaluation of PLs while generating ULs.
plCache: A set of elements of type PLCacheEntry. This is an optional cache that stores parsed PLs in memory to avoid parsing and validating PLs more than once across multiple requests.
revocationType: A string that indicates the revocation type for the server. This can be either "StandardRevocation" or "CustomRevocation".
revocationAuthorities: A set of zero or more elements of type RevocationAuthorityInformation (section 3.6.4.1.3.2) that contain the binary public keys of the revocation authorities.