When you deploy Microsoft SharePoint Products and Technologies in your organization, you can also use Information Rights Management (IRM) to enable content creators to control and protect their documents. To use IRM in your organization, you must also deploy an Active Directory Rights Management Services (AD RMS) server. With Forefront Unified Access Gateway (UAG) Service Pack 1, you can allow users to access IRM-protected libraries by publishing your SharePoint server and the AD RMS server.

For information about deploying an AD RMS server, see Active Directory Rights Management Services (http://go.microsoft.com/fwlink/?LinkId=188558). For information about planning for IRM in Office 2010, see Plan for Information Rights Management in Office 2010 (http://go.microsoft.com/fwlink/?LinkId=188557).

If you want to allow your organization and external users to share IRM-protected content over the Internet, you should deploy your AD RMS clusters for both internal and external use by using one of the following options:

Forefront Unified Access Gateway (UAG) contains a publishing template that you can use to publish an AD RMS server. The following procedure describes how to publish the AD RMS server.

To publish an AD RMS server

  1. In the Forefront UAG Management console, click the trunk to which you want to add the application, and then in the Applications area, click Add.

  2. In the Add Application Wizard, on the Select Application page, click Web, and then in the list, click Rights Management Services.

  3. On the Web Servers page, do the following:

    1. In the Addresses box, enter the internal host name of the AD RMS server.

    2. In the Public host name box, enter the Extranet cluster URL of the AD RMS server. The Extranet cluster URL is defined on the Cluster URLs tab of the AD RMS properties dialog box, which is available from the AD RMS Management console.

    3. In either the HTTP port box or the HTTPS port box, enter the port over which the AD RMS server is available.

  4. On the Authentication page, select an authentication server, and select the Allow rich clients to bypass trunk authentication check box.

  5. On the Portal Link page of the wizard, do not make any changes.

  6. When you complete the wizard, click Finish.

    The Add Application Wizard closes, and the application that you defined appears in the Applications area of the Configuration section.

  7. On the toolbar of the Forefront UAG Management console, click the Activate configuration icon, and then on the Activate Configuration dialog box, click Activate.

    After the configuration is activated, the message "Activation completed successfully" appears.