Mar 12
12
I inherited a partial installation of AD RMS. The previous IT guy had simply installed the AD RMS and IIS roles on the box and assigned a url for the cluster. Unfortunately, it was not the correct url so I needed to “remove the cluster” which sounded like a total mess. Since AD RMS had not been in production yet (and thus no certificates had been issued and no documents protected) it made perfect sense to just delete everything and start from scratch. I looked high and low on the Internet for the information I am about to provide. I wasn’t successful in finding much help on the matter so I’m sharing my steps with you here.
Just so you know, when you install the AD RMS server role on Windows Server 2008 R2 (which runs the AD RMS installation wizard), it reaches out and creates several things in your enterprise:
1. It creates a Service Connection Point (SCP) in Active Directory
2. It creates two databases in SQL Server (configuration and logging)
3. It integrates with IIS on the server and/or installs the IIS server role if it wasn’t installed already
For any reason, if the installation needs to be performed again, you need to clean up all of these touch points.
First, remove the AD RMS and the IIS server roles. You also need to clean up the databases that are created in SQL Server (configuration and logging) by taking them offline and then deleting them in SQL Server Management Studio. Then, remove the SCP created by AD RMS in Active Directory (see the posting just previous to this one).
Reboot the machine.
When it comes back up, simply Add the following roles: AD Rights Management Service and IIS and follow the wizard.
