Constant error message for only one user when not connected to the physical domain: The data received from the server running ad rms didnt match the expected format. contact your administrator for further investigation RRS feed

  • Question

  • Hey guys

    I have one user constantly getting this message when not connected to the domain directly (on a domain machine).  Others do not have this issue BUT he also has the highest privileges (and therefore the shortest licenses) of any users that are off the domain.  He has not had this issue until getting a new device, but at the same time he got the new device, the templates for the company's RMS were updated.  We have reset his RMS client, hand removed all keys from his device, and reinstalled and reconfigured.  It is almost as if he is not getting a cached copy of his licenses.  Any suggestions would be greatly appreciated.


    Friday, November 7, 2014 3:51 PM

All replies

  • Have you seen http://social.technet.microsoft.com/wiki/contents/articles/13130.ad-rms-troubleshooting-guide.aspx ?

    "Most likely there is an untrusted certificate or a certificate revocation list (CRL) cannot be resolved. If there are any warnings when using Internet Explorer to browse and access the AD RMS "pipeline" URLs , then Office applications will fail to be able to contact the AD RMS server"

    You can fix the certificate/CDP or as described on the same website:

    "you can as a workaround for CRL issues, disable CRL checking in Internet Explorer. To disable CRL checking, in Internet Explorer, from the Tools menu, open Internet Options, click the Advanced tab, scroll to the Security section and uncheck the box for Warn about security address mismatch, and then click OK."

    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Friday, November 14, 2014 10:22 PM
  • Hello,  Thank you for your reply. Yes I have seen and followed this but the error persists.  Oddly enough.  The error looks to relate to this issue here where there is a hotfix for 2010:


    The problem is that the user is using 2013 so the hotfix will not work but the issue is the same.  (we have now seen this occur for 2 users)

    Monday, November 24, 2014 6:29 PM
  • Once your domain user is located in the Internet (outside of your internal network), let him try to access those sites

    • https://<<YOURadrmsEXTERNALpipelineHERE>>/_wmcs/licensing

    Does he get any warning on certificate / CRLs?

    Also, install all newest updates for you OS and Office on users device.

    The second thing to check is if you have the text ":443" added in the URL of the service connection point (SCP) for your AD RMS. Office (especially 2010) may have issues with interpreting :443 because IE ignores the port, but Office requires exacatly the same SCP and Pipeline names.

    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Tuesday, November 25, 2014 10:14 AM