Is it legal?
AD RMS - Office 365 Messaging Encryption
Unable to add user to RMS Policy Template
Hello,
I have configured the AD Rights Management Services Server 2016 role in our environment, but I received the following error when assigning a user to the RMS Policy Template.
"No email address was found for the selected user or group."
The issue is that we do not have an Exchange server installed in our environment, as we are using Gmail via G Suite for email.
I wanted to know how I can bypass this email requirement. Also, can RMS policies be applied if there is no Exchange installed in an environment?
A quick response is critical in this response.
Thanks
Fawad
DC only allows one user to log in
Hi,
I have set up an Active Directory.
On this directory I have added 2 users that are both in these groups: "Administrator, Domain Admin, Remote Users".
When I log in to a remote server that is connected to the AD with user1 from the AD, then it logs in fine with no troubles.
If I then sign this user out to log in with user2, I get the error "There are currently no logon servers available to service the logon request."
This usually means that it cannot connect to the DC, but when the first user can, why can the second never?
I would appreciate it if you know what setting I might have set wrong.
FSMO roles transfer
Hi Techies,
I have a Windows 2012 DC edition with AD installed on it. Recently we got another server, installed with Windows 2012 Std edition. I installed AD and transferred the FSMO roles. When I query the FSMO roles (all 5 roles), I see the FQDN of the new server. However, I have the following problems.
1. Only when the old AD is on, the NetBIOS on the network card pops up.
2. I am able to access the AD objects only when the old AD server is turned on.
3. When I right-click on my domain name - Change Domain Controller - I see three names (my new server name, the old server name, and another server which crashed and wasn't cleaned up).
Please help me with the above issues.
Anand K
How to consume RMS protected-content using Office Standard 2013 or Standard 2016
Migrating File Server
Hi
I have an old file server with lots of shares which we need to retire. We cannot perform an in-place upgrade. The files are on the iSCSI SAN attached to the server, so we can detach the server and attach a new server. How do we move the share information to the new server?
Vic Abrahamian
IRM and Exchange 2013 OWA
I have enabled IRM successfully for internal use. I've set a test policy that allows messages to only be viewed for one day. After one day, viewing secured messages via Outlook is blocked as expected. The issue is when I view the message via OWA, I can see the body content. The content is not protected, only attachments are protected.
A message that is intended to be protected but without attachments can be viewed via OWA even if it has been set to expire. Viewing the same message in Outlook is prohibited, as it should be.
I tried to open a thread in the Exchange forum, but they said that it is an RMS issue and that you guys would know what to do.
http://social.technet.microsoft.com/Forums/en-US/6b253c68-956c-43ef-a071-0b76e537ef56/owa-and-irm?forum=exchangesvrclients
Please help!
Kerberos double hop - not what you think
Why would double hop work when the middle server computer object is set to "Do not trust this computer for delegation"?
The servers in question are both SQL Servers. Both the middle and 3rd servers have "Do not trust this computer for delegation" set. The middle server is clustered. Both nodes it's clustered on are also set to "Do not trust this computer for delegation".
Why is a double hop working?
Chuck
AD RMS: "Archive Rights Policy Template" and "Manage Archived Rights Policy Templates" explanation
Hi everybody,
I'm trying to figure out many of the AD RMS configurations. Then I encountered "Archive Rights Policy Template" and "Manage Archived Rights Policy Templates", and I could not find any documentation or step-by-step manual on how to go about those options.
I'd like to know:
1) How to "Archive this RPT", plus a description of what this really is all about. What's the difference between creation and archival of an RPT?
2) In the Actions pane you can either manage RPT or archived RPT - any suggestions, manuals, step-by-step (with screenshots) actions?
3) PowerShell commands to do the aforementioned actions?
I tried to find ANY article on this topic, but nothing there exists...
Thanks!
AD RMS: "Rights Account Certificate Policies"
Hi again,
Another mystery I'm trying to figure out is called... "Rights Account Certificate Policies".
Again, I leafed through much of the documentation, but info about this bird could be found nowhere. Can somebody provide a description of what this is, plus how to use it in practice (how about a step-by-step screenshot thing)?
Let's break another mystery open...
Another "mystery" here: "AD RMS: "Archive Rights Policy Template" and "Manage Archived Rights Policy Templates" explanation"
Restricted Access - Grayed Out
Greetings!
I am installing AD RMS in my company structure. I am trying to protect a file, although the Restricted Access option doesn't seem to be enabled. When I put this in my options bar, it is grayed out. I have installed the RMS client software, tried to modify registers and so on, but so far, no luck. Does anyone have a clue why this happens?
Thanks in advance.
Active Directory Rights Management Service: "Create Custom Right"
Hi,
I'm checking out distributed rights policy templates and there is this option, "create custom right". Has anybody tried this one? When would you use this one? I think you can select them all from the box. Anybody?
Thanks!
Under the AD RMS 2012 environment, users can use Office 2013, but not Office 2016
My environment is AD RMS 2012, and the internal URL uses the HTTP protocol. On the same Win10 client in the internal environment, users cannot encrypt and decrypt using Office 2016, but there is no problem using Office 2013. The error is as follows: There was an error trying to contact the ad RMS server. Please try again later or contact your administrator.
Analysis tool log:
2019-11-22 11:17:28 INFO Microsoft Office 2016 mode: x86
2019-11-22 11:17:28 INFO MSDRM Version: 6.2.18362.1
2019-11-22 11:17:28 INFO RMS Analyzer version: v1.0.1.478
2019-11-22 11:17:29 INFO --- Initialization completed ---
2019-11-22 11:17:29 INFO Template path: C:\Users\changyh\AppData\Local\Microsoft\DRM\Templates
2019-11-22 11:17:29 INFO Template path: C:\Users\changyh\AppData\Local\Microsoft\MSIPC\Templates
2019-11-22 11:17:39 INFO Diagnostics Type selected: AdRmsEndUser
2019-11-22 11:17:39 INFO --- Enabling AdRmsEndUser navigation view ---
2019-11-22 11:17:39 INFO Finding service location using MSDRM.
2019-11-22 11:17:41 INFO Certification Internal endpoint: http://...
2019-11-22 11:17:41 INFO Certification External endpoint: https://...
2019-11-22 11:17:41 INFO Licensing Internal endpoint: http://...
2019-11-22 11:17:41 INFO Licensing External endpoint: https://...
2019-11-22 11:17:41 INFO Group Expansion endpoint: http://...
2019-11-22 11:17:41 INFO Azure RMS endpoint: False
2019-11-22 11:17:47 INFO --- Running diagnostic tests ---
2019-11-22 11:17:48 INFO Executing diagnostic: My computer has the correct date and time
2019-11-22 11:17:48 INFO Contacting the Primary Domain Controller (PDC) for domain time.
2019-11-22 11:17:48 INFO Network time: 2019/11/22 11:18:25
2019-11-22 11:17:48 INFO Local time: 2019/11/22 11:17:48
2019-11-22 11:17:48 INFO Difference between network time and local time: 00:00:36.1495323
2019-11-22 11:17:48 INFO Windows Time verification succeeded.
2019-11-22 11:17:50 INFO Executing diagnostic: The RMS Service Connection Point (SCP) is registered
2019-11-22 11:17:50 INFO Contacting Active Directory for the SCP.
2019-11-22 11:17:50 INFO SCP returned: http://...
2019-11-22 11:17:50 INFO Service Connection Point (SCP) verification succeeded.
2019-11-22 11:17:51 INFO Executing diagnostic: I can find my RMS endpoints using service discovery
2019-11-22 11:17:51 INFO Contacting endpoint for certification service: http://...
2019-11-22 11:17:51 INFO Find Service Location verification failed.
2019-11-22 11:17:51 ERROR System.web.services.protocols.soapexception: an exception of type 'system. Web. Services. Protocols. Soapexception' was thrown. --->Microsoft.digitalrightsmanagement.utilities.unspecified errorexception: an exception
of type 'Microsoft. Digitalrightsmanagement. Utilities. Unspecified errorexception' was thrown.
---End of inner exception stack trace---
In microsoft.digitalrightsmanagement.core.servicelocator.findservicelocationsforuser (servicelocationrequest [] servicenames)
2019-11-22 11:17:53 INFO Executing diagnostic: My computer trusts the RMS SSL certificates
Any assistance would be appreciated.
Group policy for user rights assignment: service account group doesn't work but individual account is OK
So in my group policies I have the user rights assignments set for the "domain\service account" group. On my member server it picks it up, and in local sec pol it shows that "domain\service account" has the right to log on locally. However, when I start the program with a service account that is in that group, it throws an error and says the account needs log on local rights.
So if I edit the GPO and add the account instead of the group, do all the GPupdate stuff, and then start the program, it works.
Why can't programs see into security groups and give all accounts in the security group log on local?
My AD and group policies are going to get out of control if I have to build OUs and separate policies for every program to add each individual service account to the log on local policy.
How to access RMS protected documents outside LAN
Hi,
I have an on-premises RMS server running on WIN2008R2 which protects documents on a SharePoint 2010 server. Now mobile users cannot access downloaded protected documents from outside the office LAN. What would be the best solution to allow them to do so?
Thank you
Rights policy template usage on AD RMS server for two network-separated domains
Hi,
I am planning to set up one AD RMS server. In this setup, two network-separated domains (domain A and B) are taken into account.
The AD RMS server is hosted on domain A. I would like users from domain B to also be able to use the Rights Policy Templates that are created on the AD RMS server.
Question 1: Are there any specific port requirements besides http or https?
Question 2: In the Rights Policy Template you have the option to grant permissions to the e-mail of a user or group. Is it possible to grant access based on a wildcard, for example: *@userdomain.com? If it's not possible, are there any alternatives (not ADFS) for granting access to users in domain B?
Thank you for your help.
Gr. Chun Teng Chiu
Cannot see AD RMS Rights policy templates in FSRM file server Windows Server 2016
Gents,
I'm deploying on-premises AD RMS with FSRM and DAC as well, using Windows Server 2016.
Everything works fine, except the file management task in FSRM. When trying to automatically encrypt files using the RMS Encryption Action, it doesn't work. I got an error:
File Server resource Manager
Error was encountered while running the file management task:
Exception from HRESULT: 0x8004CF3B
Also, the policy templates that have been created on the AD RMS server didn't show up in the FSRM file management task.
I cannot find any document that talks about how to do that, except some old posts about Windows Server 2008 R2 talking about adding some registry entries! (I did everything found there that I thought would help, with no success!)
I think this is because Microsoft is pushing the world to the cloud and stopping support for such features :-( .
Please advise.
Domains not listed in group location selection when adding to file server
All,
I recently replaced my domain controllers across 5 domains with 2016 servers. Since I have done that, with no changes to GPO, etc., when I go to a file share server, select Properties, then the Security tab, and go to add a group from Locations, I cannot select my domains to search for groups. They are blank. I made no GPO changes. Can someone assist? I am not sure how to even google this problem.