ServerLicensorCertificate object

The ServerLicensorCertificate object can be used to manage the AD RMS server licensor certificate. You can retrieve this object by calling the ServerLicensorCertificate property on the Enterprise object.

The server licensor certificate is the certificate that signs all licenses and certificates granted by the AD RMS cluster. The certificate can be exported to establish trust with other clusters.

The Microsoft Enrollment Service distributes a server licensor certificate when you deploy AD RMS and provision a root certification server. The certificate is signed by the enrollment service and contains the public key of the root certification server. When you add a licensing server, it is also issued a server licensor certificate, but the certificate is signed by the root certification server.

The following rights can be granted by server licensor certificates. The rights that can be granted depend on the type of server for which the certificate is issued.

RightWhen issued to a root certification serverWhen issued to a licensing server
Issue rights account certificatesYesNo
Issue publishing licensesYesYes
Issue use licensesYesYes
Issue subordinate server licensor certificatesYesNo
Issue client licensor certificatesYesYes

 

Members

The ServerLicensorCertificate object has these types of members:

Methods

The ServerLicensorCertificate object has these methods.

MethodDescription
Export

Distributes the licensor certificate.

 

Properties

The ServerLicensorCertificate object has these properties.

PropertyDescription

FriendlyName

Specifies or retrieves the certificate display name.

KeyHierarchy

Retrieves a value that identifies the certificate hierarchy in which the application is enrolled.

 

Examples


DIM config_manager
DIM admin_role

' *******************************************************************
' Create and initialize a ConfigurationManager object.

SUB InitObject()

  CALL WScript.Echo( "Create ConfigurationManager object...")
  SET config_manager = CreateObject _
    ("Microsoft.RightsManagementServices.Admin.ConfigurationManager")      
  CheckError()
    
  CALL WScript.Echo( "Initialize...")
  admin_role=config_manager.Initialize(false,"localhost",80,"","","")
  CheckError()

END SUB

' *******************************************************************
' Retrieve the server licensor certificate.

SUB GetSLC()

  DIM slc
  DIM environment
  DIM preProd
  DIM production

  production = config_manager.Constants.KeyHierarchyProduction
  preProd = config_manager.Constants.KeyHierarchyPreproduction

  ' Retrieve the ServerLicensorCertificate object.
  SET slc = config_manager.Enterprise.ServerLicensorCertificate
  CheckError()

  ' Retrieve the certificate display name.
  CALL WScript.Echo("SLC name: " & slc.FriendlyName)

  ' Retrieve the certificate hierarchy.
  environment = slc.KeyHierarchy
  IF environment = preProd THEN
    CALL WScript.Echo("Environment = Pre-Production")
  ELSEIF environment = production THEN
    CALL WScript.Echo("Environment = Production")
  ELSE
    CALL WScript.Echo("Environment = Other")
  END IF

  ' Export the server licensor certificate.
  slc.Export("c:\Cert.tmp")

END SUB

' *******************************************************************
' Error checking function.

FUNCTION CheckError()
  CheckError = Err.number
  IF Err.number <> 0 THEN
    CALL WScript.Echo( vbTab & "*****Error Number: " _
                       & Err.number _
                       & " Desc:" _
                       & Err.Description _
                       & "*****")
    WScript.StdErr.Write(Err.Description)
    WScript.Quit( Err.number )
  END IF
END FUNCTION


Requirements

Minimum supported client

None supported

Minimum supported server

Windows Server 2008 [desktop apps only]

Assembly

Microsoft.RightsManagementServices.Admin.dll

See also

Active Directory Rights Management Services Scripting API Reference

 

 

Show:
© 2014 Microsoft