Creating and Deploying Active Directory Rights Management Services Rights Policy Templates Step-by-Step Guide

About this Guide

This step-by-step guide walks you through the process of creating and deploying Active Directory Rights Management Services (AD RMS) policy templates in a test environment. During this process you create a rights policy template, deploy this template to a client computer running Windows Vista® and Microsoft® Office Word 2007, and verify that the client computer can rights-protect a document by using the newly-created rights policy template.

Once complete, you can use the test lab environment to assess how AD RMS rights policy templates can be created with Windows Server® 2008 and deployed within your organization.

As you complete the steps in this guide, you will:

• Create an AD RMS rights policy template.

• Deploy the rights policy template.

• Verify AD RMS functionality after you complete the configuration.

The goal of an AD RMS deployment is to be able to protect information, no matter where it is moved. Once AD RMS protection is added to a digital file, the protection stays with the file. By default, only the content owner is able to remove the protection from the file. The owner can grant rights to other users to perform actions on the content, such as the ability to view, copy, or print the file.

What This Guide Does Not Provide

This guide does not provide the following:

• This guide assumes that AD RMS is already configured for a test environment. For more information about configuring AD RMS, see Windows Server Active Directory Rights Management Services Step-by-Step Guide.

• Complete technical reference for AD RMS or deploying AD RMS templates within your organization. In a large organization, Systems Management Server (SMS) or Group Policy can provide a way to deploy AD RMS rights policy templates to several workstations at a time.

Deploying AD RMS in a Test Environment

We recommend that you first use the steps provided in this guide in a test lab environment. Step-by-step guides are not necessarily meant to be used to deploy Microsoft products without accompanying documentation and should be used with discretion as a stand-alone document. Before you start the steps in this guide, you will need to use the steps provided in Windows Server Active Directory Rights Management Services Step-by-Step Guide also in a lab environment. That guide prepares the basic infrastructure for an AD RMS deployment, with an AD RMS cluster, AD RMS Logging database, and domain controller. This step-by-step guide builds on the previous guide, so it is important to complete it before starting this one. On completion of this step-by-step guide, you will have a working AD RMS rights policy template. You can then test and verify AD RMS rights policy template functionality through the simple task of restricting permissions on a Microsoft Office Word 2007 document with the rights policy template created in this guide.

The test environment described in this guide includes three computers connected to a private network and using the following operating systems, applications, and services:

Computer Name	Operating System	Applications and Services
ADRMS-SRV	Windows Server 2008	AD RMS, Internet Information Services (IIS) 7.0, World Wide Web Publishing Service, Message Queuing (also known as MSMQ), and Windows Internal Database
CPANDL-DC	Windows Server 2003 with Service Pack 1 (SP1)	Active Directory®, Domain Name System (DNS)
ADRMS-DB	Windows Server 2003 with SP1	Microsoft SQL Server™ 2005 Standard Edition
ADRMS-CLNT	Windows Vista	Microsoft Office Word 2007 Enterprise Edition

The computers form a private intranet and are connected through a common hub or Layer 2 switch. This configuration can be emulated in a virtual server environment if desired. This step-by-step exercise uses private addresses throughout the test lab configuration. The private network ID 10.0.0.0/24 is used for the intranet. The domain controller is named CPANDL-DC for the domain named cpandl.com.

The following figure shows the configuration of the test environment:

Read more »

Document Policy from Windows

This document supports a preliminary release of a software product that may be changed substantially prior to final commercial release, and is the confidential and proprietary information of Microsoft Corporation. It is disclosed pursuant to a non-disclosure agreement between the recipient and Microsoft. This document is provided for informational purposes only and Microsoft makes no warranties, either express or implied, in this document. Information in this document, including URL and other Internet Web site references, is subject to change without notice. The entire risk of the use or the results from the use of this document remains with the user. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

© 2008 Microsoft Corporation. All rights reserved.

Active Directory, Microsoft, MS-DOS, Vista, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

All other trademarks are property of their respective owners.

Read more »

Creating and Deploying Active Directory Rights Management Services Templates Step-by-Step Guide

Creating and Deploying Active Directory Rights Management Services Templates Step-by-Step Guide

Microsoft Corporation

Published: January 2008

Author: Brian Lich

Editor: Carolyn Eller

Abstract

This step-by-step guide provides instructions for setting up a test environment for creating and deploying Active Directory Rights Management Services (AD RMS) rights policy templates on the Windows Server® 2008 operating system.

Read more »

Sanket and Swapnil Barot

Read more »

Viruses

A virus is a program that gets on your hard drive and deletes programs. One will also lock up files. Some will delete your passwords. Every virus does something different. Some viruses have weird names such as groovier, Jack the Ripper and tequila. The way the viruses are made is through programming computer programs such as COBOL, basic, c, and, Java. You should be careful when you download something from the Internet because it may have a virus. Opening E-mail can also transfer viruses. You should have an antivirus program on your computer. One example of a network antivirus program is LANDesk. Two of the more popular personal programs are McAfee and Norton. One bad virus is Sunday-1 On Sundays; the virus displays the following message:

"Today is Sunday! Why do you work so hard?

All work and no play make you a dull boy!

Come on! Let's go out and have some fun!"

The virus increases infected files by 1636 bytes.

Another example of a virus is Friday The 13^th On Friday the 13th, Jerusalem loads into memory for 30 minutes, after which it deletes any file the user attempts to execute. On other days, Jerusalem slows down the computer system 30 minutes after each infection. It also wipes out an area of the screen, usually called the "black window," or "black box." A bug in the virus can cause .EXE files to be infected repeatedly until they become too large to execute.

So take care of your computer and always have a virus protection program. Always be careful when you open a floppy disk because it might have a virus. When you download anything from the internet always scan

- JMD Computer

Read more »

Back up your computer

It’s an essential task for any computer user, but it’s also pretty intimidating for most. Here’s a simple guide to backing up the data on your computer There are many reasons why you should back up your computer—possibilities of hard disk corruption or crash due to malicious programs or technical faults, accidents such as fires or thefts, and so on. However, for most users, a ‘backup’ is either inessential or too technical. It needn’t be either of these; here are guidelines you could follow to make backing up a routine task.

What to back up

You should back up data that cannot be replaced easily, balancing this with the need to keep backup sizes within reasonable control. If you have hundreds of gigabytes of music, it may not be possible to back up all of it within reasonable costs.

You could decide to back up your work-related files, Internet downloads that you’ve paid for, photographs, music that you’ve purchased from the Internet, any financial records, your Outlook Address Book and so on.

Once you decide what you would like to backup, you can estimate the amount of storage space you would need for this. The estimate should also include the possibility of data growth in future. The amount of storage space you need will help you decide where you would create your backups.

Where to back up

A backup should ideally be created on a separate hard disk or at least a separate hard-disk partition. You could also take backups on Zip drives, CDs or DVDs, or even USB pen drives. Remember that taking backups is a regular task, so you need adequate space for them. If you decide to backup to removable media like CDs or DVDs, remember to buy RW disks, so that you can update your backups by erasing the older ones and burning the new ones.

Another way of taking backups is to do it online. Here, you connect to a website, such as Xdrive, which gives you a backup utility that creates your backup, compresses it, encrypts it, and then transfers it to a third-party location. You can connect to this location to view or update your backups, when your system information or data changes. Online backups have the advantage that your data is stored in two separate locations—you’re PC and a remote location.


CD-RWs and DVD-RWs are relatively inexpensive. Moreover, a CD-RW can store up to 700 MB of data, while a DVD-RW can store a few GB. However, you need to check that your PC comes with the appropriate drive for the media you want to use. Otherwise, you’ll need to invest in the drive as well. Most USB drives can hold up to 2 GB of data and are not too expensive, but due to their small size, are easy to misplace. Zip drives and disks are relatively expensive, but usually come with backup software that helps in taking backups.

How to back up

There are many ways of taking backups. Windows XP and Vista come with backup utilities. In Windows XP, this is available under Start > All Programs > Accessories > System Tools. In Windows Vista, go to Start > Control Panel > System and Maintenance > Back up your computer.

If you don’t have the backup utility in Windows, you can install it from the CD. Apart from the Windows utilities, you can also use any of the numerous free backup utilities that are available online. Only remember to download these from trusted sites, such as download.com.

Backup utilities take you through the process of backing up—choosing what to back up, where to back up, creating the backup, usually with compression so that more data can be stored. You can also create a backup schedule with the utility.

If the data you want to backup is not too large in size, you can create manual backups. Go to the folder that you want to backup, copy it and paste it to the location or disc where you want to create the backup.

You can also create an image of your hard disk by using utilities meant for this, so that your system can be restored to its current state in case of a crash. Several free utilities are available for this as well.

You’ll need to backup regularly, especially those parts of your essential data that change frequently. You can do this manually if the data isn’t too large or use the backup utility all over again.


- JMD Computer

Read more »

Mobile users beware! Hackers are on the prowl

Mumbai: With India adding almost 8 million cell phone subscribers per month - and SMS being the largest-used service - hackers find wishing a great tool to target gullible users.

Rakshita Kolaskar (name changed) was pleasantly surprised to receive a SMS recently, announcing her as the winner of a $3 million (around Rs 12.5 corer) prize from the Shell International Mobile Draw.

The message prompted her to mail her claim and asked her to call an international number. However, when her excitement died, she tried hard to recall if she ever used any Shell product or service, as the SMS stated.

She soon realized that she had never done so. So why was this SMS sent, especially, when a Shell official confirmed that it had not issued any such award?

Welcome to the world of Wishing or voice phishing, wherein hackers are using a combination of voice over internet protocol (VoIP), SMSs and the internet to fool and redirect users into dialing a phone number and collect critical information for financial gain. In Kolaskar's case, both mobile spam and wishing were used.

Phishing-related losses have been estimated at $2.8 billion with a single victim losing $1,244 in 2006, compared with $257 in 2005, according to Gartner.

According to some recent reports, phishing attacks on banks have increased since the beginning of the year.

Globally, the first wishing attack was registered in 2006, but there have been reports that these are increasing. Earlier this year, the FBI's internet Crime Centre said it received multiple reports on different variations of wishing. These attacks against US financial institutes and individual users continue to rise.

Many feel that India is a compelling market for this kind of an attack. With almost 8 million subscribers added per month —and SMS the largest-used service —experts feel this could be the best way to target Indian users.

Rohas Nagpal, president, Asian School of Cyber law, feels that the above is a social engineering attack could be later used for a fraudulent activity or it could also be the first step towards wishing.

Security experts are of the opinion that more than the technology solutions, it is the ease of database availability from the telecom operators that is responsible for this in India. "If you go to Nehru place in New Delhi, you can get a mobile number database for a few thousands of rupees," says a security specialist.

Many feel that laws should be strengthened. Kartik Shahani, regional director, India, McAfee, says: "Everyone knows that databases are sold by network operators. One can also specify the type of database based on a user's ARPU spend. Besides, the rules and regulations on providing database access to other users are very weak in India."

He also believes that if the attack is taking place from the net, then there are solutions that can help users detect the authentic site. But in case of wishing, it becomes difficult.

Howard Schmidt, president and CEO, R&H Security Consulting and a former special advisor for cyberspace security for the White House, had told Business Standard that with the mobile usage increasing, the next wave of security threats will target handhelds.

He said: "Five years from now, the mobile will be used like we use PC and laptops today. So, the attacks will be using the data on the handheld. The problem is that while solutions are available people are not using it."

Niraj Kaushik, country manager, India and Saarc, Trend Micro, cautions that though wishing is still at a nascent stage, very few operators are providing any security solutions that can control spam on mobile handsets.

The Nigerian scam

Phishing is a common phenomenon on the internet. It is a form of internet fraud that aims to steal valuable information such as credit card details, social security numbers, user IDs and passwords for financial gains.

Several top banks in India have reportedly been hit by phishing. A popular email scam is the Nigerian scam.

The email, in this case, is sent by a prominent official from an African country asking the recipient to help him/her in depositing money into a local bank and also offers to share the bounty.

Source: Business standard

JMD Computer

Read more »