no "Trust Windows Live ID" in Action Pane RRS feed

  • Question

  • Hi Expert,

    Environment: Windows Server 2012 R2 ADRMS Cluster (2 servers) + 1 database server.

    I followed this article: http://technet.microsoft.com/en-us/library/cc753056.aspx

    But I cannot find "Trust Windows Live ID" in Actions pane, any tips for this? Thanks in advance.

    To trust Windows Live ID-based rights account certificates

    1. Log on to a server in the AD RMS cluster.

    2. Open the Active Directory Rights Management Services console and expand the AD RMS cluster.

    3. In the console tree, expand      Trust Policies  , and then click      Trusted User Domains  .

    4. In the      Actions   pane, click      Trust Windows Live ID  . The Windows Live ID certificate appears in the      Trusted user domain   list in the results pane.


    Thursday, May 22, 2014 2:12 PM

All replies

  • Hi Amoschb -

    This feature is being deprecated in favor of coming integration with the RMS for Individuals offering.  This offering provides additional functionality compared to the WLID option, including the ability for the individual to author protected content as well as consume it.  RMS for Individuals is supported with Azure RMS and you can read more about it here: http://blogs.technet.com/b/rms/archive/2013/07/16/introducing-rms-for-individuals.aspx

    I hope that helps,

    Micah LaNasa

    Synergy Advisors


    Wednesday, June 4, 2014 6:48 AM
  • Thanks Micah,

    seems it's a better option for individuals, but my requirements is that we need to share protected content with people outside organization, and we have RMS on premises deployment.

    P.S., one of non-domain joined clients (Widows 7 Ultimate, Office Enterprise 2007) is configured to consume the protected content, but when I click 'Restricted Access' in Word/Excel, the pop-up window says that I need to create a Windows Live ID first before using IRM.

    I've tried to solve it by using irmcheck.exe, everything is green from the result.

    Is there any tips for this issue?

    Thanks in advance!



    Wednesday, June 4, 2014 12:54 PM
  • Hi Amoschb -

    The RMS for Individuals is a dramatic improvement over the WLID offering, but, as you have noted, it's not currently available for on-premises RMS.  However, it will be available in the near future (I apologize that I cannot give an exact date).  I advise periodically checking in on the RMS Blog (http://blogs.technet.com/b/rms/) for an announcement. 

    If you have a non-domain-joined computer and it's giving you that error, my first thought is that the machine is not bootstrapped.  It has no ability to check AD and find its RMS cluster so it asks you to sign up for the WLID account.  Easiest way to get this user started is to create a protected email/doc and send it to the user to open on that device.  The URLs in the email/doc will point the user to its RMS cluster to bootstrap and then the problem should go away.

    I hope that helps!

    Micah LaNasa

    Synergy Advisors


    Thursday, June 5, 2014 3:57 AM
  • Cryptographic Mode 1 (RSA 1024-bit keys / SHA-1 hashes” as RMS is only working with Windows Live ID with Cryptographic Mode 1, but NOT 2


    Thursday, September 11, 2014 4:55 PM