Home » Microsoft » 70-640 » What should you do?
Active Directory Rights Management Services (AD RMS) is deployed on your network.
Users who have Windows Mobile 6 devices report that they cannot access documents that are protected by AD RMS.
You need to ensure that all users can access AD RMS protected content by using Windows Mobile 6 devices.
What should you do?
A. Modify the security of the ServerCertification.asmx file.
B. Modify the security of the MobileDeviceCertification.asmx file.
C. Enable anonymous authentication for the _wmcs virtual directory.
D. Enable anonymous authentication for the certification virtual directory.
Correct Answer: B
Explanation/Reference:
http://technet.microsoft.com/en-us/library/ff608252%28v=ws.10%29.aspx
Windows Mobile Considerations for AD RMS
AD RMS and Windows Mobile Requirements
Active Directory Rights Management Services (AD RMS) integrates with Microsoft Windows Mobile® in Windows Mobile 6 and later devices. End users can create and consume protected e-mail messages and can read protected Microsoft Office documents on their Windows Mobile device.
…
AD RMS client capabilities are embedded in the operating system of Windows Mobile 6 and later devices. There is no AD RMS client available for Windows Mobile 5.0 or earlier; AD RMS can be used only on devices with Windows Mobile 6 and later. There is full interoperability when sharing AD RMS protected content between the different versions and editions of Windows Mobile 6 or later.
By default the Discretionary access control lists (DACLs) of the AD RMS mobile certification pipeline is restricted and must be enabled for Windows Mobile 6 or later devices to obtain certificates and licenses to create and consume AD RMS protected content. You can enable the certification of mobile devices by giving the AD RMS Service Group and the user account objects of the AD RMS-enabled application Read and Read & Execute permissions to the MobileDeviceCertification.asmx file. This file is located under %systemdrive%Inetpubwwwroot_wmcsCertification by default. You must complete this process on each AD RMS server in the cluster.