• Hello, Im am new to AD RMS. I would like to use AD RMS for Exchange.

    I am sticking here with the same problem over and over again.

    I installed windows 2008R2 in a virtualized lab environment.

    I created a self signed certificate during the installation.


    Thanks for any help in advance !



    and I am getting this error messages:




    <Informational>: This server might need to be restarted after the installation completes.



    Active Directory Rights Management Services

    Cluster Type Licensing-only cluster


    Trust Hierarchy Production


    Configuration Database Server Windows Internal Database


    Service Account LOCAL\AD_RMSService


    Cluster Key Storage AD RMS centrally managed key storage


    Cluster Web Site Default Web Site


    Cluster Internal Address


    SSL Certificate C1C123938C49E06D0DF67ADCCAF264CB705D29DB


    Licensor Certificate Name RMS



    Active Directory Rights Management Services: Installation succeeded with errors

    <Error>: Attempt to configure Active Directory Rights Management Server failed. The AD RMS installation could not determine the certificate hierarchy. If the AD RMS service connection point (SCP) you need to use is registered in Active Directory but is not valid, revise it to make it valid, or create a new SCP, and install AD RMS again. at Microsoft.RightsManagementServices.Configuration.LicensingServerSelfEnrollment.DecideCertificateHierarchy() at Microsoft.RightsManagementServices.Configuration.CertificationServerSelfEnrollment.Enroll(EnrolleeServerInformation enrolleeInformation, EnrolleeRevocationInformation revocationInformation, String certificateDisplayName, String cspName, String keyContainerName) at Microsoft.RightsManagementServices.Configuration.ProvisioningBase.Enroll() at Microsoft.RightsManagementServices.Configuration.ProvisioningBase.Run() at Microsoft.RightsManagementServices.Configuration.ProvisionerBase.DoProvision() at Microsoft.RightsManagementServices.Configuration.ProvisionerHelper.Run(OperationType operationType, Object data) at Microsoft.RightsManagementServices.Configuration.CmdLineHandler.Run() Remove and re-install AD RMS to attempt provisioning again.


    <Warning>: Before you can administer AD RMS on this server, you must log off and log on again.


    The following role services were installed:


    Active Directory Rights Management Server


    Please refer to the full log at: 'C:\Users\AD_RMS\AppData\Local\Temp\ServerManager.log'



    terça-feira, 6 de setembro de 2011 00:25


Todas as Respostas

  • The certificate should be issued from a trusted root certification authority. Do you have certificate services configured in the A.D. If so install the certificate to AD RMS from the certification authority;or else create an active directory certifcate services for active directory domain.
    If you found this post helpful, please "Vote as Helpful". If it answered your question, remember to "Mark as Answer". MCSE,MSCITP-EA
    terça-feira, 6 de setembro de 2011 03:16
  • Thanks for your help !

    I have a  hickup with understanding Certificates. .. Sorry...

    I did not want to spend money for a test environment .

    If I install the Active Directory Certificate Services ...

    where is the best place ? ( with AD RMS- on my domain controller)

    and does this replace a certificate from a trusted root certification authority ?


    ...   thanks again ....



    terça-feira, 6 de setembro de 2011 03:52
  • AD RMS related issues should be posted here
    • Sugerido como Resposta Meinolf WeberMVP terça-feira, 6 de setembro de 2011 06:15
    • Marcado como Resposta Yan Li_Moderator terça-feira, 13 de setembro de 2011 02:18
    terça-feira, 6 de setembro de 2011 05:36
  • Apologies !

    Could solve my problems thanks to answer above !



    terça-feira, 6 de setembro de 2011 23:11