Quantcast
Channel: Active Directory Rights Management Service(On premise) forum
Viewing all 1025 articles
Browse latest View live

this content cannot be displayed in a frame

May 6, 2013, 12:11 am
$
0
0
So in excel I have gone to 'protect workbook-restrict permission by people', but after I confirm that I have a windows live account the next part fails to load displaying 'This content cannot be displayed..To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame'......can anyone help with this please?

Jude

Search

List all users on microsoft server 2008 (not R2) vbs

May 6, 2013, 1:08 am
$
0
0

Hi,
I have to generate a list with all domain users and create a .csv file using VBS (this is my first request) . I have searched on the internet and found some non working scripts, one seems to be harmfull it keep the cpu at 80% and blocked my server  so i need help.

the second part, i have to manipulate another .csv file that has a column of information for every user.

Renewing Server Licensor Certificate Issue

May 6, 2013, 8:22 am
$
0
0

RMS experts,

We have RMS 1.0 SP2 and we moved database from SQL Server 2000 to SQL server 2008, and after clearing up some issues, we now need to renew server licensor certificate. I am getting an error "The underlying connection was closed: Could not establish trust relationship with remote server." .There is an option for offline renewal but I was able to do it online before the database migration. Seems like can't connect to http.

Any help will be appreciated. Thanks.

-Hubble

Questions around protection and migration of documents

April 27, 2012, 12:02 am
$
0
0

Hi All,

I need to clarify some issues related to my RMS to ADRMS migrations. Appreciate your comments,

1. How to remove permission on document applied by RMS using a centralized template.

2. Can we identified which documents protected by RMS by whom (Admin traceability)

        3. How end user identify write protected documents

Dilshan

IRM: This content cannot be displayed in a frame

May 7, 2013, 2:41 pm
$
0
0
The same with my excel file  .. I confirm that I have a windows live account the next part fails to load displaying 'This content cannot be displayed in a frame'.......

New RMS Environment

May 10, 2013, 8:56 am
$
0
0

Just a couple of general questions I could not find the answer to in the knowledge base.

I plan on setting up a new 2012 ADRMS virtual server.  I have 2008 SQL Ent R2 SP1, Exch 2010 and my AD is 08 R2.

1.  Will Exch 2010 work with 2012 ADRMS?  If so, can someone provide a link to what I need to enable on my exchange server?

2.  I will be using an SSL Public cert.  The RMS server should be public facing, yes?

3.  Anything else you think would assist me to setup the environment correctly.

Thanks in advance...

Folder - only read

May 10, 2013, 1:30 pm
$
0
0

Hello,

I have deployed adrms in a windows server 2008 r2. I have to restrict a folder on my file server. That folder ans subfolders can only be readed( no print, no copy,etc)

it is possible? how can i do it?

thanks

Alternate access mapping and IRM in SharePoint 2010

May 11, 2013, 6:45 am
$
0
0
Dear All, 

We have an issue with RMS and Alternate access Maping 

Please find it below

The following scenario is happening when we open a document from IRM enabled Library


Iteration 1( Alternate Access Mapinng without Implementation)

http://sharepoint:123456 is your central admin

http://sharepoint:654321 is your site collection

Its working fine



Iteration 2 (Alternate Access Mapinng with Implementation)

http://sharepoint:123456 is your central admin

http://mossservername:654321 is your site collection (Extended web application)


we are facing the following issue when we open a document from IRM enabled Library

When I tried to open Excel I got following error
Microsoft Office Excel cannot access the file 'http://mossservername:654321 /Documents/Filename.xlsx'. There are several possible reasons:
 
·         The file name or path does not exist.
·         The file is being used by another program.
·         The workbook you are trying to save has the same name as a currently open workbook.
 
When I tried to open Word , I got following error
Microsoft Office Word:
"http://mossservername:654321 /Documents/Filename.doc" does not exist.Check your spelling or try another path

Please help us to sort it out

Thanks in Advance
Scorpion
Search

Any available beginner guide to coding AD RMS in C#?

May 13, 2013, 2:12 am
$
0
0

Hi all,

I am very new to AD RMS and C#. I have downloaded AD RMS SDK 2.1 and found it to be coded in C++.

I would like to create an application in C# which is able to protect (Encrypt/Decrypt) an Office document. Is there any helpful beginner or simple guide around? Thanks in advance!

client not connect to RMS server

May 14, 2013, 1:44 pm
$
0
0

Hello,

I deployed ADRMS but when i try to see the templatesin outlook i have an error;

"the service is temporaqrily unavailable. ensure that you have cionnectivity..."

IRMcheck.exe give me this results:

http://s17.postimg.org/sd3wpqn73/Sin_t_tulo1.jpg

http://postimg.org/image/kn57nr0qf/

is there any error? i look that rm activation service has one url and lines below has another url...

it could be the problem?

thanks

Create new AD-RMS Licensing only cluster is not showing .

May 16, 2013, 10:03 pm
$
0
0

I am trying to configure AD RMS for Sharepoint Server 2010 on window server 2012 by using below reference :

http://msmvps.com/blogs/ivansanders/archive/2012/06/08/check-out-the-weather-forecast-for-teched-2012.aspx

I have created separate server and installing AD-RMS service using Enterprise Admins Account . It is successfully installed . But at the time of configuring the option Create new AD-RMS Licensing only cluster is not showing .

We already have separate existing server for AD . And I am configuring RMS on another server .

Warning It is showing as below .

 

"The SCP is Registered but the root cluster can not be contacted . Yo can still join an existing cluster . The Remote name could not be resolved :'wrmserver'"

Message when configuring RMS



Create new AD-RMS Licensing only cluster is not showing

May 16, 2013, 10:17 pm
$
0
0

I am trying to configure AD RMS for Sharepoint Server 2010 on window server 2012 by using below reference :

http://msmvps.com/blogs/ivansanders/archive/2012/06/08/check-out-the-weather-forecast-for-teched-2012.aspx

I have created separate server and installing AD-RMS service using Enterprise Admins Account . It is successfully installed . But at the time of configuring the option Create new AD-RMS Licensing only cluster is not showing .

We already have separate existing server for AD . And I am configuring RMS on another server .

Warning It is showing as below .

 

"The SCP is Registered but the root cluster can not be contacted . Yo can still join an existing cluster . The Remote name could not be resolved :'wrmserver'"

How to find when and who change user account in windows 2003 domain

May 17, 2013, 8:57 am
$
0
0

Hi, Guru,

We have Windows 2003 domain network.

One user account was disabled one month ago. but I find it actives again last week. I try to find when and who re-enable the user account.

it is very hard to find the event. someone said I have to buy and use third part utility to track. does any guru can help?

I appreciate for any information!!!

thanks

George W 

administrator problem in win 8

May 18, 2013, 1:54 am
$
0
0

i tried to open c/usre/all users, but can't open.

please advise.

AD RMS Office 2010 does not give right restriction options

May 18, 2013, 2:04 am
$
0
0

Hi,

I have installed a AD RMS server role to a dedicated server and followed these instructions: http://technet.microsoft.com/en-us/library/cc753531(v=WS.10).aspx

I have a domain let say contoso.com and servers are: ADRMS.contoso.com(Server 2012, DC1.contoso.com(Server 2008 R2) and DB1.contoso.com(Server 2008 R2).

I have configured the AD RMS service to use URL https://rms.conto.com and redirections are done by network traffic controller and DNS which converts the requested address to specific IP(FQDN:ADRMS.contoso.com). It uses HTTPS/SSL. I can connect to ADRMS console from the server with that URL(required a regedit) and also can connect from client machines to https://rms.conto.com/_wmcs/certification/certification.asmx and https://rms.conto.com/_wmcs/licensing/license.asmx.

SCP is created to DC1 with serviceBindingInformation = https://rms.conto.com/_wmcs/certification

Problem is that when I open Word 2010 and create a document and try to do a Restrict Permission by People>Restrict Access, it only offers me Microsoft Live ID or Windows Account. If I choose Windows Account it has problem contacting "restricted permission service".

Have tried to clear DRM folder from %localAppData%\Microsoft\DRM but no help.

I also happed to notice a strange log at the ADRMS-server: 

This Active Directory Rights Management Services (AD RMS) cluster cannot perform an operation on one of the AD RMS databases. Ensure that all AD RMS databases are operating correctly on the network and that the AD RMS service account has read and write permissions to the databases.

Parameter Reference
Context: STATIC
RequestId: N/A
HelpLink.ProdName: Microsoft SQL Server
HelpLink.EvtSrc: MSSQLServer
HelpLink.EvtID: 18456
HelpLink.BaseHelpUrl: http://go.microsoft.com/fwlink
HelpLink.LinkId: 20476
SqlError-0.State: 1
SqlError-0.Class: 14
SqlError-0.Server: DB1
SqlError-0.Message: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
SqlError-0.Number: 18456

Microsoft.RightsManagementServices.LowSeveritySqlException
        Message: The Database Engine threw this exception in response to an error that can be corrected by the user, such as a missing database object or entity, possible data inconsistency, transaction deadlock, security setting problems, or SQL command syntax error.  Please examine the SqlError details for more information.
        HelpLink.ProdName: Microsoft SQL Server
        HelpLink.EvtSrc: MSSQLServer
        HelpLink.EvtID: 18456
        HelpLink.BaseHelpUrl: http://go.microsoft.com/fwlink
        HelpLink.LinkId: 20476
        SqlError-0.State: 1
        SqlError-0.Class: 14
        SqlError-0.Server: DB1
        SqlError-0.Message: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
        SqlError-0.Number: 18456
  + System.Data.SqlClient.SqlException
  +         Message: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.
  +         HelpLink.ProdName: Microsoft SQL Server
  +         HelpLink.EvtSrc: MSSQLServer
  +         HelpLink.EvtID: 18456
  +         HelpLink.BaseHelpUrl: http://go.microsoft.com/fwlink
  +         HelpLink.LinkId: 20476

Why it tries to connect to SQL server(DB1) with Anonymous -account? I have installed AD RMS with ADRMSADMIN -account(with correct permissions) and configured it to use ADRMSSRVC -account as service account.

Other thing is that I can't change that service account with ADRMSADMIN from the ADRMS -console because the "Next" is grey all the time.

Client computer are Windows7+Office 2010 Professional Plus
Search

AD RMS -Unable to get the certificate and clients dont get option to protect documents

May 17, 2013, 6:56 pm
$
0
0

Hello All- I ran the IRM checker tool and below is the result that I see on the computer with Win 7 os - Not sure how do I get the certificates to work or solve the issue .

Anand Shankar

2003 AD folder permissions and sub-folders

May 20, 2013, 12:28 pm
$
0
0

Hello,

Here's the scenario - I need to allow department B access to a specific sub-folder from department A. I added department B to the department A AD group. Next I added a drive mapping to my login script for department B directly to the department A folder.

For example: \department A main folder\department A/B subfolder

 
This works for the moment but I would like to configure this so department B has no other access rights to department A's data (if they were to poke around).

Out of domain issue with XPSViewer

May 21, 2013, 3:23 pm
$
0
0

Hi,

have deployed adRMS production server with intranet and extranet public address.

Using external certificate for https. Local domain Win7 client work without issue.

I have deployed a non-domain Win7 machine without domain network access and set :

1. Registry key for adrms service discovery.

2. Added external URL to Local Intranet.

Opening XPSViewer with xps doc and trying to set permissions always returns error (cannot activate any rights management account on this machine).

Running latest IRMCheck returns all green except for :

14. Domain Membership WARNING Member of WGTEST workgroup. You will be unable to acquire permanent Enterprise credentials or use "Everyone" permissions without being a member of a domain
Action:Contact your network administrator for more information 

17. User Email in AD ERROR The mail attribute for the logged on user is not set in the AD
Action:Please set the mail attribute for the logged on user in the AD or contact your domain administrator 

The #14 is ok for me but i believe the #17 is the problem. 

How can i work around it because the client is in workgroup and will not reach/be member of domain.

I've already tried to open rms link in IE and store credentials (reaching certification web service works ok) but it will not work.

I'll be having 120 PCs on production soon and kind of worried (to say the least).

Thans for an help you can share.

Best regards,

Joao

Issue with ADFS

May 22, 2013, 3:33 am
$
0
0

Hi all. I am testing an scenario with collaboration with an external partner and I am not able to make federated users work. What I have found out is the following:

  • The external user receives a protected document
  • Office tries to discover the RMS Service by going to /licensing/servicelocator.asmx
  • The RMS Server responds asking for authentication
  • Obviously there is no valid credentials to supply
  • No matter what I do (Cancel or add the site to trusted sites to get integrated authentication that will fail) the external client never shifts to the /licensingexternal/ pipeline

¿Any suggestion? I am using Office 2010

Thanks in advance

// Raúl - I love this game


AD RMS Access to protected content from trusted forest

May 23, 2013, 3:44 am
$
0
0

There is a forest abc.com with working  RMS. There is an trusted forest xyz.com without RMS cluster. It is necessary that users of the forest xyz.com could open the documents protected by means of RMS by users of the forest abc.com. To deploy RMS cluster in the forest xyz.com there is no opportunity. We must to organize access to RMS cluster to users from xyz.com as if they would be the users from Internet who don't have accounts in AD DS abc.com.

 

I used for setup article from MS+ created values in system registry on the client machine. Without them it is possible to use only MS Live ID.

As a result I received an error: "Unexpected error occurred..."

Actually questions:

1 . How to fix  error "Unexpected error occurred... "?

2 . Whether the candidate solution described in article is applicable generally for this scenario?

3 . Whether there is an opportunity to users from the Internet to get access to protected content without entering domain credentials and without using MS Live ID accounts?

Thanks.

MCP,MCTS


Viewing all 1025 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>