Understanding the AD RMS Deployment Provider Namespace
Updated: October 22, 2009
Applies To: Windows Server 2008 R2, Windows Server 2008 R2 with SP1
The Active Directory Rights Management Services (AD RMS) Windows PowerShell deployment provider exposes a namespace that represents the various configuration settings that you can make to a server before installing AD RMS. You configure these settings by using Windows PowerShell cmdlets to traverse this namespace and then creating or deleting items in the namespace, or setting properties on those items. The namespace consists of a Windows PowerShell drive, which holds a root container and a number of additional subcontainers, depending on the type of drive representing the role the new server will play in an AD RMS cluster. For information about creating an AD RMS Windows PowerShell deployment provider drive, see Using Windows PowerShell to Deploy AD RMS.
This topic lists the containers in the deployment namespace, explains what configuration settings each container represents, and lists the subcontainers or items that it can hold.
<drive>:\
The root container of the deployment namespace represents the general properties of the server itself. You can work with these properties by using the Get-ItemProperty and Set-ItemProperty cmdlets to view and change the following properties for drives that represent the first server in a cluster:ServiceAccount
ClusterURL
SLCName
RegisterSCP (root cluster only)
If <drive> represents a server that is being joined to an existing cluster, only the ServiceAccount property is available.
- <drive>:\ADFSSupport
This container is not used in this version. Do not change any of the properties of this container.
- <drive>:\ClusterDatabase
This container represents the type and location of the cluster database used by the AD RMS cluster being created or joined. If <drive> represents the first server in a root or licensing cluster, use the Set-ItemProperty cmdlet to set the UseWindowsInternalDB, ServerName, and InstanceName properties to specify the location of the cluster database. If <drive> represents a server being joined to an existing cluster, you also set the DatabaseName property.
- <drive>:\ClusterDatabase\DatabaseInstance
This container holds items or containers representing the database instances hosted by the database server specified by the ServerName property of the parent container. If <drive> represents the first server in a cluster, this container holds items whose names are the names of database instances hosted by the server. You can use the name of one of these items to set the InstanceName property of the parent container. If <drive> represents a server that is being joined to an existing cluster, this container holds subcontainers that in turn hold items representing the databases hosted by those instances.
- <drive>:\ClusterDatabase\DatabaseInstance\<InstanceName>
If <drive> represents the first server in a cluster, this is an item representing an instance hosted by the database server. If <drive> represents a server being joined to an existing cluster, this is a container that holds items representing databases hosted by a database instance on the database server. You can use the name of one of these items to set the DatabaseName property of the \ClusterDatabase container.
- <drive>:\ClusterKey
This container represents the AD RMS cluster key protection policy and holds a subcontainer that in turn holds subcontainers that represent the available cryptographic service providers (CSPs). If <drive> represents the first server in a cluster, you can use the Set-ItemProperty cmdlet to set the UseCentrallyManaged property of this container. If you set UseCentrallyManaged to TRUE (the default), you must also set the CentrallyManagedPassword property; if you set UseCentrallyManaged to FALSE, you must also set the CreateNewKeyPair property, or the UseExistingKeyPair and CSPName properties. Enumerate the contents of the CSP subcontainer to obtain the names of available CSPs.
- <drive>:\ClusterKey\CSP
This container holds subcontainers that represent the available CSPs. This container has no properties.
- <drive>:\ClusterKey\CSP\<CSPName>
This container holds items that represent the key containers in the CSP identified by <CSPName>.
- <drive>:\ClusterWebsite
This container holds items representing the Web sites that the server hosts. You can use the Set-ItemProperty cmdlet to set the container’s WebSiteName property to specify the cluster Web site name.
See Also
Concepts
Using Windows PowerShell to Deploy AD RMS
AD RMS Deployment Cmdlets
Installing an AD RMS Cluster
Joining an Existing Cluster
Adding or Removing Federated Identity Support
Upgrading the AD RMS Server Role
Removing the AD RMS Server Role