Identity with Windows Server 2016 — Question 45

You have an Active Directory Rights Management Services (AD RMS) server named RMS1. Multiple documents are protected by using RMS1.
RMS1 fails and cannot be recovered. You install the AD RMS server role on a new server named RMS2. You restore the AD RMS database from RMS1 to RMS2.
Users report that they fail to open the protected documents and to protect new documents.
You need to ensure that the users can access the protected content.
What should you do?

Answer options

• A. From Active Directory Rights Management, update the Service Connection Point (SCP) for RMS1.
• B. From DNS, create an alias (CNAME) record for RMS2.
• C. From DNS, modify the service location (SRV) record for RMS1.
• D. From RMS2, register a service principal name (SPN) in Active Directory.

Correct answer: D

Explanation

The correct answer is D because registering a service principal name (SPN) in Active Directory for RMS2 is essential for clients to locate the new server and access the protected content. Options A, B, and C do not address the requirement for the new server to be recognized by clients, hence they will not resolve the issue.