Quantcast
Channel: Active Directory Rights Management Service(On premise) forum
Viewing all 1025 articles
Browse latest View live

AD RMS, Office Home and Business 2013

March 14, 2016, 12:38 am
$
0
0

Hello everyone,

After a call to MS support they suggested to put my question here :)

The setup:

AD RMS installed and Up and Running.

Two machines, both members of the AD domain :

1. Office Home and Business Ver. 15.0.4797.1003 (which according to the MS Articles and information that I have found so far should come with installed RMS client) installed on Windows 10 Pro.

2. Office Home and Business Ver. 15.0.4797.1003 installed on Windows 8.1 Pro

The first machine is able to connect to the Rights Management Server and able to download templates and protect documents.

On the second machine, inside the office (MS Word) in the Info->Protect Documents there is no line forRestrict Permissions at all. In addition, the button in Outlook, located in Options isempty.

I really hope if someone have already faced such an issue to give me a hand here.
Thank you.

If you need any further information please let me know.

Search

Logging for policy change against protected document.

March 15, 2016, 11:46 pm
$
0
0

I want to trace which documents are decrypted ( = change the policy to "Unrestricted Access" ),and who had done that operation.

Can I get the above information from logging database?

Or are there other possibilities,like 3rd party tools?

Thank you,

Yasuo Kawasaki

RMS iOS SDK 4.2 - How to clear caching of policies.

March 16, 2016, 2:08 am
$
0
0

Hi, 

I am integrating RMS iOS SDK 4.2 with our app. I wanted to know whether is it possible to take control over the cached policies for the user. Basically we are facing problem when ever user has more than one azure email-id and wants to login and check with all different userids.

Thanks for the hep.

AD RMS Client

March 23, 2016, 8:37 pm
$
0
0

Hi,

May I know if there is an "end of life" for Microsoft Active Directory Rights Management Service Client 2.0 and 2.1. If yes, may I know where is the source (I'm not able to find the software in the Microsoft Product LifeCycle Page).

Thanks.

Felix.

I cannot open a spreadsheet protected by Windows Rights Management

March 26, 2016, 11:22 pm
$
0
0

I am using Windows 10 and Microsoft Office 2016

I cannot open an excel file because it’s protected by Windows Rights Management

I have been using the file for years with Windows Rights Management, from time to time I have to register my computer with Windows Rights Management to open Windows Rights Management protected files

Recently I moved the file to OneDrive for Business, it's synchronised with my hard drive. Initially it wouldn't open but after a while I managed to get it to open (I forget the exact detail). I used it a number of times without problems

It now won’t open again. When I try to open it in OneDrive for Business it says it can't because it's encrypted. When I try to open it from my hard drive a window tells me it’s ‘Configuring my computer for Information Rights Management . . . ‘ but another Windows Rights Management window also opens saying ‘Server Error in '/Certification' Application’ Login failed the login is from an untrusted domain and cannot be used with windows authentication, and lots more (see attached snip)

I'm happy to remove the encryption if possible

Can someone please help?


Remove AD RMS Cluster

February 14, 2014, 2:06 am
$
0
0

Hi,

how can I remove my AD RMS Cluster to create a new one?

I have some VM´s an which I try to install an RMS Test Environment. I installed RMS a time ago, but it did not work correctly. So I restored the "empty" Snapshots off the RMS and the SQL-VM. Now, when I want to install RMS and create a new cluster, i cannot, becaue it says there is an existing cluster. But I cannot install the server in this existing cluster, because the configuration database is not longer avaiable.

What can I do?

Configure RMS with Exchange 2013

March 29, 2016, 12:11 am
$
0
0

hi,

We have RMS in our organization and now we want to use it with exchange to choose who can forward/copy etc. our e-mails outside our organization. Is there any guide or if someone has its own blog which explaning these settings and how to configure this?

Thank you in advanced.

Unrestricted Access and Do Not Forward Permissions

March 29, 2016, 6:37 pm
$
0
0

Hi,

I believe I found from other questions in this forum that the Do Not Forward Permissions template is created for outlook when AD RMS is installed and the client connects RMS. Where does the option for Unrestricted Access come from? Is it also created for Outlook when IRM connected? It appears in OWA that it shows as No Restriction instead. Is this correct? I assume they cannot easily be removed.

Thank you

Search

How to get an "RMS protected file"s associated template name when the files status is IPCF_FILE_STATUS_ENCRYPTED_CUSTOM

April 1, 2016, 2:55 pm
$
0
0

Hi,

Using the RMS SDK/Apis, how do you obtain the associated RMS template for an RMS protected file when the files RMS status equals IPCF_FILE_STATUS_ENCRYPTED_CUSTOM?

I have working code that calls IpcfIsFileEncrypted.  
IpcfIsFileEncrypted sets the second parameter to a value that is not equal to IPCF_FILE_STATUS_DECRYPTED.  This means the file is RMS protected.  The actual value of the second parameter is set to IPCF_FILE_STATUS_ENCRYPTED_CUSTOM.

Since the file is RMS protected, the code needs to retrieve the RMS template used to protect the file.  This means the code needs to call IpcfOpenFileOnHandle (at least I think it does).  However, the documentation says you cannot call IpcfOpenFileOnHandle for custom-encrypted files: 

This function will fail for un-unencrypted files or custom-encrypted files (i.e., files for which IpcfIsFileEncrypted returnsIPCF_FILE_STATUS_ENCRYPTED_CUSTOM. 

at https://msdn.microsoft.com/en-us/library/windows/desktop/dn771751(v=vs.85).aspx

Is there any way to get the associated RMS template for a RMS "custom-encrypted" file?

Thank you very much in advance.

Tony

Anthony LaMark

How to auto deploy ADRMS policy template to be viewed in office 2013

April 2, 2016, 6:30 am
$
0
0

I installed and configured ADRMS Role on windows server 2012 r2, and it's working like a charm! The only issue i have is how to auto deploy the ADRMS policy templates so i find them once i open Microsoft office (2013).

when I create a new Distributed Right Policy Template and I navigate to Microsoft word 2013, I cant find this new policy in the Restrict Access unless i go to regedit--currentuser--software--classes--localsettings--software--microsoft-msipc--<servername>--template and i delete the string "LastUpdateTime". Each time I create a new policy template I do the previous steps to find it in office.

So any help please!!!

Regards,

Group Policy and files with parameters

April 3, 2016, 12:54 pm
$
0
0

Hello all. I have a question regarding Group Policy.

Is it possible to block an executable with a specific parameter specified while letting the same program run when no parameters are inserted?

e.g.     C:\Folder1\file1.exe -> allowed

           C:\Folder1\file1-exe -param1 - param2 /param3 ...........   -> blocked

Thank you.

Can not access license and certification url

April 9, 2016, 9:22 pm
$
0
0

Hi,

My configuration:

  • AD RMS server IP: 10.0.0.5
  • license url: https://adrms/_wmcs/licensing
  • certification url: https://adrms/_wmcs/certification/certification.asmx.
  • https://adrms is already added in Local intranet in IE.

Problem is, I can not access above urls in server and client. If I replace "adrms" with server IP, the page can be opened in AD RMS server and client. Can anybody tell me what's the cause? 

Thanks,

Kevin Wang


I cant find the Option Restrict Permission By People At Word

April 12, 2016, 6:14 am
$
0
0

I installed the Feature ADRMS On my server .

I've configured the templates but i can't find the option restriction by people on my word .

How can i do to able this option ?

RMS Sharing Application For Windows Refresh Tamplate

April 19, 2016, 11:57 pm
$
0
0

i can use a registry editor, delete the data for the LastUpdatedTime value and delete the following folder and all files it contains: %localappdata%\Microsoft\MSIPC\Templates to refresh office2013 rms tamplates,but i can not refresh rms sharing application tamplates, when i click mouse right the old tamplates still there.

how can i refresh rms sharing application immediate?

unable to active user in pre-production hierarchy. Error code: 0x8004cf3d

April 21, 2016, 9:07 pm
$
0
0

Hi,

When I run code to active user in AD RMS client, I got following error:

The callback function returned a failure code. hr = 0x8004cf3d
DoUserActivation failed. hr = 0x8004cf3d

The error code means "E_DRM_NEEDS_MACHINE_ACTIVATION".

In report generated by Irmcheck.exe, It says server is in production mode and machine activated in ISV hierarchy. In fact, I already modified registry settings in sever and reinstall and configure AD RMS to make it run in ISV hierarchy.

Operating system: Windows Server 2012 R2 Datacenter [6.3.9600.winblue_r4.141028-1500] 
Target: RM Production Environment 

8. Machine activation ERROR The machine is activated in ISV hierarchy instead of Production hierarchy 

Logs from DebugView: 

[2404] [msdrm]:+DRMCreateClientSession - uCallbackVersion = 0,wszGroupIDProviderType = WindowsAuthProvider,wszGroupID = rmsadmin@test.local
[2404] [msdrm]:-DRMCreateClientSession HR=0
[2404] [msdrm]:+DRMIsActivated - uFlags = DRM_ACTIVATE_MACHINE
[2404] [msdrm]:-DRMIsActivated HR=0
[2404] [msdrm]:+DRMEnumerateLicense uFlags = DRM_EL_MACHINE,uIndex=0
[2404] [msdrm]:-DRMEnumerateLicense HR=0
[2404] [msdrm]:+DRMEnumerateLicense uFlags = DRM_EL_MACHINE,uIndex=0
[2404] [msdrm]:-DRMEnumerateLicense HR=0
[2404] [msdrm]:+DRMIsActivated - uFlags = DRM_ACTIVATE_GROUPIDENTITY
[2404] [msdrm]:-DRMIsActivated HR=8004cf3e
[2404] [msdrm]:+DRMGetServiceLocation uServiceType = DRM_SERVICE_TYPE_CERTIFICATION,uServiceLocation = DRM_SERVICE_LOCATION_ENTERPRISE
[2404] [msdrm]: Parameters uServiceType=2,uServiceLocation=2,wszIssuanceLicense=(null)
[2404] [msdrm]:-DRMGetServiceLocation HR=0
[2404] [msdrm]:+DRMGetServiceLocation uServiceType = DRM_SERVICE_TYPE_CERTIFICATION,uServiceLocation = DRM_SERVICE_LOCATION_ENTERPRISE
[2404] [msdrm]: Parameters uServiceType=2,uServiceLocation=2,wszIssuanceLicense=(null)
[2404] [msdrm]: DRMGetServiceLocation Returned : ServiceUrl = https://adrms.test.local/_wmcs/certification
[2404] [msdrm]:-DRMGetServiceLocation HR=0
[2404] [msdrm]: calling CheckIfAppListAppIsCallingMsdrmWithWHR 
[2404] [msdrm]: CheckIfAppListAppIsCallingMsdrmWithWHR returned false
[2404] [msdrm]:+DRMActivate - uLangID=0,wszServer=https://adrms.test.local/_wmcs/certification,uFlags=18,DRM_ACTIVATE_GROUPIDENTITY DRM_ACTIVATE_SILENT 
[2404] [msdrm]:wszServer = https://adrms.test.local/_wmcs/certification,wszUserID = rmsadmin@test.local,wszUserType = WindowsAuthProvider 
[2404] [msdrm]:-DRMActivate HR=0
[2404] [msdrm]:wszServer = https://adrms.test.local/_wmcs/certification ,wszUserID = rmsadmin@test.local,wszUserType = WindowsAuthProvider 
[2404] [msdrm]:CHttpBase::DispatchRequest returned hr:0,ErrorCode=200 when hitting Url=https://adrms.test.local/_wmcs/certification/server.asmx with Post size=581
[2404] [msdrm]:Response Url=https://adrms.test.local/_wmcs/certification/server.asmx
[2404] [msdrm]:CHttpBase::DispatchRequest returned hr:8004cf44,ErrorCode=500 when hitting Url=https://adrms.test.local/_wmcs/certification/Certification.asmx with Post size=15727
[2404] [msdrm]:Response Url=https://adrms.test.local/_wmcs/certification/Certification.asmx
[2404] [msdrm]: CertifyGroupIdentity  FaultCode = soap:Server , FaultString = System.Web.Services.Protocols.SoapException: Exception of type 'System.Web.Services.Protocols.SoapException' was thrown. ---> Microsoft.DigitalRightsManagement.Core.VerifyMachineCertificateChainFailedException: Exception of type 'Microsoft.DigitalRightsManagement.Core.VerifyMachineCertificateChainFailedException' was thrown. 
[2404]    --- End of inner exception stack trace --- 
[2404]    at Microsoft.DigitalRightsManagement.Certification.BaseCertificationWebService.Certify(CAType caType, CertifyParams requestParameters) 
[2404]    at Microsoft.DigitalRightsManagement.Certification.CertificationWebService.Certify(CertifyParams requestParams) 
[2404] [msdrm]:+DRMCloseSession
[2404] [msdrm]:-DRMCloseSession HR=0

Is any problem in my environment? 

Thanks,

Kevin Wang





Search

Does MS AD RMS integrated wth Newgen DMS solution?

April 24, 2016, 2:22 am
$
0
0
I Want to know whether Microsoft AD RMS /IRM support Newgen Omnidocs latest version DMS solutions, and do the user have to by the Windows AD RMS Cals for the same. What are the pre-requistes if Windows RMS support Newgen DMS solution?

decrypting in apimode server

April 25, 2016, 4:26 am
$
0
0

Hi,

 My company makes enterprise software which crawls messages from exchange mailboxes, We want to be able to decrypt messages which are rms encrypted. I wrote some sample for for decryption, it works fine if i use Apimode as client and the parameters like suppressUI etc are working fine and I am able to decrypt messages using SafeFileApiNativeMethods.IpcfDecryptFile, However as per my understanding as we are server product we should be using server mode by setting SafeNativeMethods.IpcSetAPIMode(APIMode.Server). when i set the mode to server (after the initialize call) and call SafeFileApiNativeMethods.IpcfDecryptFile using FLAG_DEFAULT,

I get an error saying The operation being requested was not performed because the user has not been authenticated. HRESULT: 0x800704DC.

Am i doing something incorrectly? Do i need to use the overloaded method which uses SymmetricKeyCredential in case of i am running in server mode.

Thanks a lot for your help. Appreciate your help in this regard.

Internal Error Occur

April 25, 2016, 7:52 am
$
0
0

I keep getting this error when i try to connect my office 2013 to right management server after adding the my RMS Url "https://rms.contoso.com to trusted intranet site. I have done all necessary troubleshooting. I still keep getting this error.

I need help ASAP.

Multi-Factor Authentication Server and LDAP Authentication Set Up. Need help.

April 27, 2016, 6:32 am
$
0
0

Hello,

I am having trouble getting LDAP Authentication to work and I am not sure what I am doing wrong.

-I have added a test workstation's IP to the LDAP Authentication>Clients Tab

-I have checked off the test server in LDAP Authentication>Multi-factor Auth Servers

-I have set up the LDAP configuration in Directory Intergration>Settings

(Test shows that "LDAP connection successful")

-I have added my test user by importing it from the active directory.

-I have set the username resolution to LDAP unique identifiers.

Am I missing anything because my test login is able to log into that server with out getting pinged for MFA.

I need to set up MFA with LDAP Authentication because I have a kiosk environment where credentials unique to the workstation gets into the server first. Then the user logs in to start their session. And because of this Windows Authentication gets by passed.

Thanks to anyone who takes the time to respond.

How to set up Office in pre-production environment

June 10, 2014, 9:03 pm
$
0
0

I have deployed AD RMS server and have set both server and client in pre-production environment, and the IPCNotepad(http://code.msdn.microsoft.com/IPCNotepad-Sample-f67dae80)running normally. Now I'm trying to set up Office 2010 in pre-production development environment. I have searched out a page about this:

Setting up Microsoft Office 2007 in a pre-production environment

http://blogs.technet.com/b/rmssupp/archive/2009/02/18/setting-up-microsoft-office-2007-in-a-pre-production-environment-by-carsten-kinder.aspx

but the link of Office Format Protector Sample Code is unavailable and show me: The Archive Gallery has been retired.

So, can anybody tell me the steps to set up Office 2010, or where I can download the sample code?

Thanks!

Viewing all 1025 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>