The next step of the demo is to test the AD RMS cluster by protecting the data. For that, I am using two user accounts, as shown in the following table:

The email account field is a must, and if the user doesn't have an email address defined, they will not be allowed to protect the document.

The end user computers must add https://rms.rebeladmin.com to the Internet Explorer and the local intranet's trusted site lists. This can be done via GPO. If it's not added, when you go to protect the document, you will get the following error:

In this demo, as the user, Peter is going to create a protected document using Word 2013. The recipient will be the user Adam only, and he will have only the read permission.