Hi, the currently used certificate on my server 2008r2 RMS server is not valid anymore. for some strange reason Im not able to renew it in my CA and have wasted too much time trying too..
so I've decided it would be easier just to replace it with a new one and was wondering if that would have any implications on previously encrypted docs.
i'm not using any sharepoint server in the org and the encrypted files are being used only on our fileserver.
thank you,
Gil
Hi all experts,
I add a registry of STARTUP batch file under HKEY_LOCAL_MACHINE\..\..\..\Run which it can be executed after reboot or log-out/log-in by administrator login which it is login by administartor account of local computer.
Is there any ways to make the STARTUP batch file can be activated after reboot or log-out/log-in by Domain\user.
Since I try to add registry under HKEY_CURRENT_USER\..\..\..\RUN after reboot or log-out/log-in by Domain\user
It can be activated log-in by administrator local computer then Domain\user, but fail to be activated by Domain\user directly no matter reboot or log-out/log-in.
The STARTUP bathc file which is under a folder of C drive.
Thanks, guys.
We have SharePoint 2010 on-premises server having Users on SQL server. WE have AD and Different SQL user to access Sahrepoint portal.
I want to Intergrate this SharePoint 2010 with ADRMS but Want to use the sharepoint Users to use ADRMS templates.
Please let me know how can we achieve this.
Hi guys,
One of our employees is having trouble securing Office 2013 files using RMS.
When she tries she is presented with the following error:
Our RMS server is Windows 2003 R2.
This is only happening with one employee. I have confirmed that I can logon to her machine and successfully secure documents. Getting her to try on a different machine still fails.
I have inherited this system about 3 years ago and have not had any issues until now. I have checked the Windows RMS Administration page but cannot find anything relating to specific users.
Any advice on how to get this resolved would be greatly appreciated.
If there is any other information needed please let me know.
Regards,
Locust12
I have an AD forest/domain and am joined to the domain, logged in as a domain user.
I'm using RMS 1.0 with SP2 on a Windows Server 2003 server with SP1.
I have been using Office 2010 with RMS fine, and this still works.
I have now installed Office 2013, and RMS is not working. When I open a protected file I get the following error:
"You do not have permission to open this document"
When I open a new document and try to protect it by going to Protect Document -> Connect to Digital Rights Management Servers and get templates I get the following error:
"To use content with restricted permission you must reinstall and repair the Windows Rights Management components. If the problem continues, contact your administrator"
My client is Windows 8. I am running Office 2010 and Office 2013 together on the same client (I need Outlook 2010 as I have Exchange 2013, and I just installed the whole lot as my research suggested this would be OK and I thought I would have access to both versions during my learning transition).
As I've said, RMS works fine with Office 2010.
On the RMS server I am seeing the following events when I unsuccessfully try to open a protected document in Office 2013:
A client request contains secure data that is not trusted and that cannot be processed. The following information was reported: Microsoft.DigitalRightsManagement.Licensing.UntrustedPersonaCertException: The account certificate supplied by the requestor
was not issued by a trusted user domain server.
at Microsoft.DigitalRightsManagement.Core.ComponentBase.ValidatePersonaCert(PersonaCertificate oPersonaCert)
at Microsoft.DigitalRightsManagement.Licensing.LicensePipeline.GenerateEUL(PersonaCertificate oPersonaCert, SignedRightsLabelDocument signedRightsLabel, String Ticket, IDrmsPropertyBag propertyBag)
at Microsoft.DigitalRightsManagement.Licensing.LicensePipeline.PipelineAcquireLicense(AcquireLicenseParams[] RequestParams, HttpRequest request, IIdentity userIdentity)
For more information, see Help and Support Center
Help!
Hi All,
we have RMS 2.0 and AD 2003 Exchange 2007 Sp3 in the development environment. We have published the RMS Templates to USER1, USER2 and User3. When we send Restricted E-Mails to and from USER1 and USER2 it is ok, we have the following issue;
1) When we keep USER3 in CC to any mails to and from USER1 and USER2 the E-mail is not getting Delivered
2) When we send any restricted E-Mail Exclusively to USER3 it is getting Delivered
Actually we need to resolve why the e-mail is not getting delivered when we put USER3 in Cc.
Kindly advise what is missing or if there is anything misconfigured.
Thanks in advance
Dear sir,
I want to allowed user to access particular no. of sites for ex. www.google.com, all banking sites and gov sites only in any browser pleas guide me to how to allowing these sites only.
Just a quick FYI regarding the SLC for RMS. Windows Rights Management Services clusters that are based on Windows Server 2003 or Windows Server 2003 R2 use a root certificate (also called Server Licensor Certificate or SLC) that is issued by a service hosted by Microsoft. Originally, these certificates were issued with a one-year lifespan, which means that they must be renewed every year for the RMS cluster to continue working.
The Windows Server 2003 support lifecycle is set to expire in July 2015 so Microsoft changed the lifetime of SLCs that are issued for Windows Rights Management Services to 7150 days. This change was made to allow Windows Rights Management Services servers and clusters to continue to work after the service that is used to issue SLCs is decommissioned after the end of support of Windows Server 2003.
You can get all of the details here: http://blogs.technet.com/b/rmssupp/archive/2013/06/05/kb-server-licensor-certificate-duration-for-windows-rms-extended-to-7150-days.aspx
Hi, the currently used certificate on my server 2008r2 RMS server is not valid anymore. for some strange reason Im not able to renew it in my CA and have wasted too much time trying too..
so I've decided it would be easier just to replace it with a new one and was wondering if that would have any implications on previously encrypted docs.
i'm not using any sharepoint server in the org and the encrypted files are being used only on our fileserver.
thank you,
Gil
I am starting to do my preliminary research as I start to dive into AD RMS. So far I see that Windows 7 already has the RMS client v1.0. I see that v2.1 was released. Do I need to deploy that to all my Windows 7 workstations?
What improvement does v2.1 introduce?
Hello!
Every time I access the Active Directory Rights Management Services i get the following security alert:
"the name of the security certificate is not valid or does not match the name of the site"
If I check the urls https://rms.domain.pt/_wmcs/licensing/license.asmx or the https://rms.domain.pt/_wmcs/certification/certification.asmx I get NO warning at all.
Here are the cluster details:
Did I miss anything during the RMS installation ? Or can this be a problem ?
Thank you,
Miguel Ângelo Saragoça Soares
Hello all
I was wondering. Recently i have been getting warnings that an ip adress wants access through my firewall. I have 4 options to choose from : Deny once , Always deny , Allow once , Always allow. I think my brother was sick of the warnings and clicked "Always Allow". Now nothing weird has happened for over a week , but i'm getting a little paranoid that i might get hacked. Is there a way to "unallow" this/these ip adresses to get through my firewall once i allowed access? I use windows 7 and my firewall is always on. Someone please help me! Kind regards from Sven
Hello ,
I have the following issue with AD RMS after installation ,
please advice ,
Hi guys,
One of our employees is having trouble securing Office 2013 files using RMS.
When she tries she is presented with the following error:
Our RMS server is Windows 2003 R2.
This is only happening with one employee. I have confirmed that I can logon to her machine and successfully secure documents. Getting her to try on a different machine still fails.
I have inherited this system about 3 years ago and have not had any issues until now. I have checked the Windows RMS Administration page but cannot find anything relating to specific users.
Any advice on how to get this resolved would be greatly appreciated.
If there is any other information needed please let me know.
Regards,
Locust12
Hello,
I am trying to integrate our On-Premise AD RMS Cluster with Windows Live ID support, however when I attempt to enable it via PowerShell (the "Trust Windows Live ID" option in the GUI is missing), I receive the error:
"Import-RmsTUD : Trusting external Microsoft accounts is not supported under AD RMS cryptographic mode 2."
How do I get around this? I don't think switching to cryptographic mode 1 is even an option...
Thanks in advance.
Simon
Simon
Hello,
I am trying to integrate our On-Premise AD RMS Cluster with Windows Live ID support, however when I attempt to enable it via PowerShell (the "Trust Windows Live ID" option in the GUI is missing), I receive the error:
"Import-RmsTUD : Trusting external Microsoft accounts is not supported under AD RMS cryptographic mode 2."
How do I get around this? I don't think switching to cryptographic mode 1 is even an option...
Thanks in advance.
Simon
Hi,
I am getting below mentioned error while I am trying to start ADRMS console. Windows environment is 2008 R2 with sp1.
Kindly help to get it resolve....
An error occurred when the Active Directory Rights Management Services (AD RMS) Logging service attempted to retrieve data from the configuration database. The Logging service cannot process MSMQ messages until the logging service is able to communicate with the configuration database. You do not need to restart the Logging service.
Parameter Reference
Context: Logging.GetConfigurationFromDatabase
HelpLink.ProdName: Microsoft SQL Server
HelpLink.EvtSrc: MSSQLServer
HelpLink.EvtID: 2
HelpLink.BaseHelpUrl:
HelpLink.LinkId: 20476
System.Data.SqlClient.SqlException
Message: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server
is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
HelpLink.ProdName: Microsoft SQL Server
HelpLink.EvtSrc: MSSQLServer
HelpLink.EvtID: 2
HelpLink.BaseHelpUrl:
HelpLink.LinkId: 20476
Regards
Pradeep
Is there a way to disable the ability for an end user to forward a meeting invite they receive from a coworker to another coworker? I read about the IRM but I can't tell if that will let you do it or not. We are running Exchange 2010 and a mix of Outlook 2007 & 2010 clients.
Thanks.
I tried to develop an adrms application by using the adrms sdk.
First of all, I set up the lab. environment referring to msdn "adrms step-by-step guide".
It works fine for the word product to limit the right for specific rights account(production mode).
However, when I switched to pre-production mode and tried to do it with code. The machine and user activation worked just fine. But trying to call GetSecureEnvironment method caused an error "0x8004cf19" which means E_DRM_BROKEN_CERT_CHAIN.
PS. I referred to this thread. The author got the same problem with me. But I can not understand the solution provided by the author which says "Solution:Re-issued production certificate from Microsoft has solved the problem." I tried to contact with the author but without any reply until now.
If you guys can give me any kind of help I would appreciate it very much.