Share via


Create an Application Manifest

[The AD RMS SDK leveraging functionality exposed by the client in Msdrm.dll is available for use in Windows Server 2008, Windows Vista, Windows Server 2008 R2, Windows 7, Windows Server 2012, and Windows 8. It may be altered or unavailable in subsequent versions. Instead, use Active Directory Rights Management Services SDK 2.1, which leverages functionality exposed by the client in Msipc.dll.]

A manifest is a self-generated XrML certificate that signs your application into the Pre-production or Production hierarchy. It is used primarily to protect your application from viruses. By specifying required, optional, and prohibited files, the manifest enables you to control what is loaded into the process space and what is allowed to access protected content. This increases security by helping to prevent viruses from running in the same space as your application and by preventing an attacker from surreptitiously replacing libraries. For more information, see Creating an Application Manifest.

You provide the manifest as input to only one function, DRMInitEnvironment, which loads the lockbox and returns a handle to a secure environment object. The following functions require the environment handle, and many other functions indirectly require a secure environment:

Creating an Application Manifest

Setting Up the Pre-production Development Environment