locked
AD RMS Sharepoint Integration RRS feed

  • Question

  • Hi,

     

    I have issue with ADRM integrating with SharePoint 2007 sp2. AD RMS is on Windows 2008 64bit.

    After entering the AD RMS server URL (https://<adrms-server-alias>:85555) to Administrative Toolsà SharePoint 3.0 Central Administration-> Operations ->Information Rights Management.

    I am getting below error:

    The required Windows Rights Management client is present but the server could not be accessed. IRM will not work until the server is accessible.

     

    In event viewer I see error for  Event ID 5058 and Event ID 5133.

    I tried to fix by going through solution motioned for these at below URL but no help.

    http://technet.microsoft.com/en-us/library/cc560955(office.12).aspx and http://technet.microsoft.com/en-us/library/cc531257(office.12).aspx

     

    At share point server I have added registry for

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSDRM\ServiceLocation\EnterprisePublishing

    https://<adrms-server-alias>:85555/_wmcs/Licensing

     

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSDRM\ServiceLocation\Activation

     

    https://<adrms-server-alias>:85555/_wmcs/Certification

     

    Also want to mention that this for test environment so I have used self sign certificate. Which is create for  “rms-servername”  but not for alias what I am using  adrms-server-alias”.

    adrms-server-alias is DNS alias for rms-servername

     

    Also I am able to access below from SharePoint server   Internet Explorer. (In IE I do see certificate error which might be bes I am using certificate which not match alias name)

    https:// adrms-server-alias :85555/_wmcs/certification/servercertification.asmx

     

     

    Any help how to get this work so Share Point can integrate RMS

    Wednesday, April 6, 2011 11:58 PM

Answers

  •  Hi Brijesh

     Well, first

    1. Please verify the Server C the Windows 2008 is completely patched and upto date
    2. then check if the ADRMS Internal URL is added to the browser trusted Intranet sites
    3. then make sure the RMS URL certificate is not self signed if you are using HTTPS url, if it is then copy the cert to the server certificate store
    4. then download the RMS toolkit and deploy it on the server (http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=1479)
    5. Run the IRMcheck tool and share the report

    Blog Link: http://blogs.cyquent.ae | Follow us on Twitter: @cyquent | ADRMS Wiki Portal: Technet Wiki

    Wednesday, August 17, 2011 8:46 AM
  • Hi Adnan,

    Thanks for your reply.
    I have used IRMCheck Tool. What i found there

    Check 1: Office System: Microsoft Office Server is not installed.

    Why I don't know. Actually Office 2010 English Version (Full) is installed with All Customized Option checked.
    Any Suggestion ?

     


    Thanks & Regards, Brijesh Shah
    Thursday, August 25, 2011 1:45 PM
  • the Central Administration web application looks up in Active Directory the registered RMS service connection point and tries to access the ServerCertification.asmx web service which is in the C:\Inetpub\wwwroot\_wmcs\Certification folder. Give to the account of the Cenral Administration's application pool Read&Execute rights on the ServerCertification.asmx file.
    Wednesday, December 28, 2011 10:21 PM

All replies

  • Hi ak567

     

    The certificate needs to match the URL entries, there are no two ways about it.

    Plus since it's self signed, the cert needs to be imported on the SPS server as well. Please issue the certificate from atleast a Domain CA, and the urls should match the Certificate Subject name.

    Why are you adding the alias URL's ? If really needed and it's a Test Lab, then use HTTP only for your testing.

    Regards

    Thursday, April 7, 2011 11:21 AM
  • Thank you once again!

    I will the right cert and will try. I will let you know whatever is outcome.

    Why are you adding the alias URL's ?

    -- I thought i might have to keep my test and move it to diffrent box. I dont know if it make any sence.:(

     If really needed and it's a Test Lab, then use HTTP only for your testing.

    -- I will try.

    Thursday, April 7, 2011 8:54 PM
  • I tried with HTTP with new setup and it is working. Will check with HTTPS and will update this post.
    Wednesday, April 13, 2011 3:56 PM
  • Hi Team,

    May be my issue is also related with this post at certain extend...

    I have sharepoint 2010 installed on windows 7 just 2 day before and RMS Server is installed on server 2003 from since last 3 month again with that RMS there is one Sharepoint 2007 Server is configured which is on Server 2003 again. So, Scenario is like

    One Server: Server A : Working Fine
    -- having RMS + Sharepoint 2007 (in Windows Server 2003)

    Second Server: Server B : Working Fine
    -- Sharepoint 2010 (in Windows 7)  + Server A's RMS Configured

    Third Server: Server C: RMS Not Working
    -- Sharepoint 2007 (in Server 2008) + Server A's RMS Configured

    Can anyone tell me why Server C Sharepoint 2007 is not working with Server A's RMS ?

    we (Me & My Team) has just created new Sharepoint Server 2007 (based on Client Need) but we are unable to map that with this existing RMS Server (Which is working with sharepoint 2007 & 2010 at other server) with this newly created sharepoint 2007 server.

    So, I guess there is something which we are missing likewise,

    1) May i have to install any patches, sp or tools in newly created sharepoint 2007 server ? to communicate with this RMS Server (Central Admin Windows Rights Management Services (RMS) we have configured and defined RMS Server url over there in third option).

    2) Is that scenario like we need to install same certificate in this sharepoint server which is at RMS Server ?

    3) Does we need to mention public key somewhere in sharepoint server whose certificate is installed in RMS Server ?

    Really I don't know but these are my assumption... So, you can get better idea till what steps i have done so far and what is remaining...




    Thanks & Regards, Brijesh Shah
    Monday, August 15, 2011 11:14 AM
  •  Hi Brijesh

     Well, first

    1. Please verify the Server C the Windows 2008 is completely patched and upto date
    2. then check if the ADRMS Internal URL is added to the browser trusted Intranet sites
    3. then make sure the RMS URL certificate is not self signed if you are using HTTPS url, if it is then copy the cert to the server certificate store
    4. then download the RMS toolkit and deploy it on the server (http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=1479)
    5. Run the IRMcheck tool and share the report

    Blog Link: http://blogs.cyquent.ae | Follow us on Twitter: @cyquent | ADRMS Wiki Portal: Technet Wiki

    Wednesday, August 17, 2011 8:46 AM
  • Hi Adnan,

    Thanks for your reply.
    I have used IRMCheck Tool. What i found there

    Check 1: Office System: Microsoft Office Server is not installed.

    Why I don't know. Actually Office 2010 English Version (Full) is installed with All Customized Option checked.
    Any Suggestion ?

     


    Thanks & Regards, Brijesh Shah
    Thursday, August 25, 2011 1:45 PM
  • Hi guys,

    Just came across this post since we experienced exactly the same problem - and in our case it was due to an incorrect PKI certificate on the RMS IIS web site.

    We picked this up when we were manually connecting to the RMS /_wmcs/certification.asmx file via a browser from the MOSS server we got an untrusted certificate result in the browser.

    hope this help & regards,

    SK

    Tuesday, September 13, 2011 7:10 AM
  • the Central Administration web application looks up in Active Directory the registered RMS service connection point and tries to access the ServerCertification.asmx web service which is in the C:\Inetpub\wwwroot\_wmcs\Certification folder. Give to the account of the Cenral Administration's application pool Read&Execute rights on the ServerCertification.asmx file.
    Wednesday, December 28, 2011 10:21 PM