This is the extended configuration of a single forest--a single cluster topology. There are two types of AD RMS clusters. The AD RMS root cluster is the default cluster, and it answers for both certificates and licensing requests. The licensing-only cluster can also be deployed in the same forest, and it will respond to licensing requests only. This suits infrastructures that have sites in different geographical locations. Then, it will rule out the requirement of contacting RMS clusters via slow links. Instead, it will use a license-only cluster on each site for licenses. There is only one root cluster for the forest. But it can have multiple licensing-only clusters.
Based on the role installed in the AD RMS server, it will decide which cluster it will be part of. However, unless there is a special requirement, it is recommended that you use the root cluster only. Load balancing between member servers is handled on the cluster level, and its configurations are independent. It cannot be shared between different clusters. In this topology, it will also need to consider MS SQL high availability and see how it can be used with multiple sites.
The following table lists the advantages and disadvantages of this topology:
|
Advantages |
Disadvantages |
|
Remote sites do not need to depend on the site links and bandwidth. The local RMS license-only cluster will process the licenses request from the site resources. |
Complexity--deployment needs advanced planning and conflagration. |
|
Complies with government rules to use localized encryption tools and technologies. |
High cost--need to use additional resources and licenses for the deployment. Also increases the maintenance cost. |
|
N/A |
Distributed management--when placing clusters on remote sites, it may also need to grant privileges to the site's IT team in order to manage and maintain the system. This can make an impact on security and system integrity. |