Cannot connect to the RMS AD console

  • Question

  • Hi!

    In our IT infrastructure, an AD RMS service cluster is deployed on two servers running Windows Server 2012 R2 with an external SQL database. At some point (possibly after a Windows update) the AD RMS management console stopped connecting, and the following error is returned:

    A connection with the AD RMS cluster *** could not be established because of the following reason: The unexpected error occurred on a send. Ensure that your connection is the correct protocol, such as HTTP or HTTPs, and that the port number is correct. Do you want to continue?

    At the same time, the AD RMS service itself is functional (that is, users successfully connect to the server and protect their documents), and the pages

    • https://***/_wmcs/admin/EnterpriseMgr.asmx
    • https://***/_wmcs/certification/certification.asmx

    open successfully. The user account used to connect to the console is a member of the group "AD RMS Enterprise Administrators".

    1. Unregister SCP RMS
    2. Uninstall RMS Role
    3. Uninstall IIS Role
    4. Remove SQL Database
    5. Install RMS Role again

    did not lead to success; the management console still does not connect to the cluster.

    I ask for help, since it is possible that someone has encountered a similar problem. In similar topics, I did not find a solution to the problem described above ...


    Wednesday, April 5, 2017 3:13 PM

All replies

  • FIRST, I'm very concerned about the steps as listed. When you removed the SQL database, did you restore back an old one?

    If you created a new database from scratch, your keys will all be different, and documents not previously opened (with cached decryption keys) but protected before the reinstall will not be accessible.
    You will need to either restore the database backup and reg keys from the ADRMS role or import a saved Trusted Publishing Domain from that install.

    The original error could be the loopback protection, so try the following on the RMS server:

    1. Click Start, click Run, type regedit, and then click OK.

    2. Locate and then click the following registry subkey:

    3. Right-click Lsa, point to New, and then click DWORD Value.

    4. Type DisableLoopbackCheck, and then press ENTER.

    5. Right-click DisableLoopbackCheck, and then click Modify.

    6. In the Value data box, type 1, and then click OK.

    7. Exit Registry Editor.

    8. Restart the computer.

    If that still doesn't work, you should check the IIS logs to see what error you are getting when the admin console tries to connect. Make sure the account you are using is in the ADRMS Enterprise Administrators group.

    Friday, April 21, 2017 5:24 PM
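
The reply's last suggestion, checking the IIS logs for what the admin console gets back, as an added example that is not part of the original thread: a Python script that reads an IIS W3C log and lists the failed requests to the admin endpoint named in the question. The sample log lines, addresses and account names are constructed, and the log is assumed to be in the default W3C format with a `#Fields:` header.

```python
# Added example: triage an IIS W3C log for AD RMS admin-console requests.
from collections import Counter

ADMIN_PATH = "/_wmcs/admin/enterprisemgr.asmx"  # admin endpoint from the question

# Constructed sample log (not taken from the thread). A real file carries the
# same "#Fields:" header, which is what the parser keys on.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Fields: date time cs-method cs-uri-stem cs-username c-ip sc-status sc-substatus sc-win32-status
2017-04-05 12:01:10 POST /_wmcs/certification/certification.asmx CONTOSO\\user1 10.0.0.21 200 0 0
2017-04-05 12:03:44 POST /_wmcs/admin/EnterpriseMgr.asmx - 10.0.0.5 401 2 5
2017-04-05 12:03:44 POST /_wmcs/admin/EnterpriseMgr.asmx - 10.0.0.5 401 1 2148074254
2017-04-05 12:09:02 POST /_wmcs/admin/EnterpriseMgr.asmx CONTOSO\\rmsadmin 10.0.0.30 200 0 0
"""


def parse_w3c(text):
    """Yield one dict per request, using the most recent #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                yield dict(zip(fields, values))


def admin_failures(text, path=ADMIN_PATH):
    """Return non-2xx requests to the admin endpoint, in log order."""
    return [r for r in parse_w3c(text)
            if r.get("cs-uri-stem", "").lower() == path
            and not r.get("sc-status", "").startswith("2")]


def summarize(text):
    """Count failures by (status.substatus, win32 status, user, client IP)."""
    return Counter((f'{r["sc-status"]}.{r["sc-substatus"]}', r["sc-win32-status"],
                    r["cs-username"], r["c-ip"]) for r in admin_failures(text))


if __name__ == "__main__":
    for key, count in summarize(SAMPLE_LOG).items():
        print(count, *key)
```

An empty result means the log file contains no failed request to that path, so either the console's call succeeded or it was never logged by IIS.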