none
AD RMS

    Pergunta

  • Hello, Im am new to AD RMS. I would like to use AD RMS for Exchange.

    I am sticking here with the same problem over and over again.

    I installed windows 2008R2 in a virtualized lab environment.

    I created a self signed certificate during the installation.

     

    Thanks for any help in advance !

     

    Careen

    and I am getting this error messages:

     

     

     

    <Informational>: This server might need to be restarted after the installation completes.

     

     

    Active Directory Rights Management Services

    Cluster Type Licensing-only cluster

     

    Trust Hierarchy Production

     

    Configuration Database Server Windows Internal Database

     

    Service Account LOCAL\AD_RMSService

     

    Cluster Key Storage AD RMS centrally managed key storage

     

    Cluster Web Site Default Web Site

     

    Cluster Internal Address https://rms.local.com:443/

     

    SSL Certificate C1C123938C49E06D0DF67ADCCAF264CB705D29DB

     

    Licensor Certificate Name RMS

     

     

    Active Directory Rights Management Services: Installation succeeded with errors

    <Error>: Attempt to configure Active Directory Rights Management Server failed. The AD RMS installation could not determine the certificate hierarchy. If the AD RMS service connection point (SCP) you need to use is registered in Active Directory but is not valid, revise it to make it valid, or create a new SCP, and install AD RMS again. at Microsoft.RightsManagementServices.Configuration.LicensingServerSelfEnrollment.DecideCertificateHierarchy() at Microsoft.RightsManagementServices.Configuration.CertificationServerSelfEnrollment.Enroll(EnrolleeServerInformation enrolleeInformation, EnrolleeRevocationInformation revocationInformation, String certificateDisplayName, String cspName, String keyContainerName) at Microsoft.RightsManagementServices.Configuration.ProvisioningBase.Enroll() at Microsoft.RightsManagementServices.Configuration.ProvisioningBase.Run() at Microsoft.RightsManagementServices.Configuration.ProvisionerBase.DoProvision() at Microsoft.RightsManagementServices.Configuration.ProvisionerHelper.Run(OperationType operationType, Object data) at Microsoft.RightsManagementServices.Configuration.CmdLineHandler.Run() Remove and re-install AD RMS to attempt provisioning again.

     

    <Warning>: Before you can administer AD RMS on this server, you must log off and log on again.

     

    The following role services were installed:

     

    Active Directory Rights Management Server

     

    Please refer to the full log at: 'C:\Users\AD_RMS\AppData\Local\Temp\ServerManager.log'

     

     

    terça-feira, 6 de setembro de 2011 00:25

Respostas

Todas as Respostas

  • The certificate should be issued from a trusted root certification authority. Do you have certificate services configured in the A.D. If so install the certificate to AD RMS from the certification authority;or else create an active directory certifcate services for active directory domain.
    If you found this post helpful, please "Vote as Helpful". If it answered your question, remember to "Mark as Answer". MCSE,MSCITP-EA
    terça-feira, 6 de setembro de 2011 03:16
  • Thanks for your help !

    I have a  hickup with understanding Certificates. .. Sorry...

    I did not want to spend money for a test environment .

    If I install the Active Directory Certificate Services ...

    where is the best place ? ( with AD RMS- on my domain controller)

    and does this replace a certificate from a trusted root certification authority ?

     

    ...   thanks again ....

     

     

    terça-feira, 6 de setembro de 2011 03:52
  • AD RMS related issues should be posted here

    http://social.technet.microsoft.com/Forums/en-US/rms/threads


    http://www.virmansec.com/blogs/skhairuddin
    terça-feira, 6 de setembro de 2011 05:36
  • Apologies !

    Could solve my problems thanks to answer above !

     

    Careens

    terça-feira, 6 de setembro de 2011 23:11