Share via


AD RMS Client

[The AD RMS SDK leveraging functionality exposed by the client in Msdrm.dll is available for use in Windows Server 2008, Windows Vista, Windows Server 2008 R2, Windows 7, Windows Server 2012, and Windows 8. It may be altered or unavailable in subsequent versions. Instead, use Active Directory Rights Management Services SDK 2.1, which leverages functionality exposed by the client in Msipc.dll.]

Beginning with Windows Vista, the client component of Active Directory Rights Management Services (AD RMS) is installed with the operating system. You can download it for prior operating systems from the following locations.

The AD RMS client, implemented in Msdrm.dll, exposes functionality that enables users to create, publish, and consume protected (encrypted) content. Specifically, an AD RMS-enabled application can leverage the client to perform the following tasks:

  • Send a request to an AD RMS activation service to issue a machine certificate that identifies a computer by signing it into the AD RMS certificate hierarchy. For more information, see Activating a Computer.
  • Send a request to an AD RMS activation service to issue a rights account certificate that signs an Active Directory user account into the AD RMS certificate hierarchy and associates the user with a specific computer. For more information, see Activating a User.
  • Create an issuance license that lists the users who can decrypt protected content and the rights that can be made available to them. The application can send a request to an AD RMS licensing service to sign the issuance license online or it can request a client licensor certificate that can be used to sign the license offline. For more information, see Creating and Using Issuance Licenses.
  • Encrypt the content and make it available for authenticated and authorized users. For more information, see Encrypting Content.
  • Acquire an end-user license for a specific user, decrypt the content, and enforce the rights enumerated in the license. For more information, see Decrypting Content.

AD RMS Overview