Active Directory Rights Management Services (AD RMS) is a Microsoft Windows security tool that provides persistent data protection by enforcing data access policies. For documents to be protected with AD RMS, the application the document is associated with must be RMS-aware. Originally known as Windows RMS, the name was changed AD RMS in Windows Server 2008.
AD RMS has server and client components. The server component is made up of multiple web services that run on a Microsoft server. The client component, which can either be run on a client or server operating system, contains functions that enable an application to encrypt and decrypt content, acquire licenses and certificates from a server and perform many other security-related tasks.
Microsoft made significant changes to AD RMS in Windows Server 2012. These changes included an updated set of SQL Server requirements, Server Core support, a remote deployment option and an option to deploy with PowerShell commands.
See also: access control list