Event ID 223 — AD RMS Logging service availability

Applies To: Windows Server 2008 R2

Active Directory Rights Management Services (AD RMS) uses Message Queuing on each server in the AD RMS cluster to send information to the logging database. This information is used to compile reports and assess how your AD RMS installation is performing.

Event Details

Resolve

Check AD RMS configuration database availability

Each AD RMS cluster has one configuration database. The configuration database for the root cluster contains a list of Windows user identities and their rights account certificate (RAC)s. The AD RMS Logging service depends on being able to access the AD RMS configuration database server to be able to process MSMQ messages. In some cases, when the Logging service cannot access the AD RMS configuration database server, this is a temporary condition, such as when the AD RMS server starts before the AD RMS configuration database server. In these cases, the Logging service will connect to the configuration database server as soon as it becomes available.

If the AD RMS configuration database server continues to be unavailable, check that the server is running and verify that it can connect to the AD RMS server.

To perform these procedures, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

Check AD RMS configuration database network connectivity

To check AD RMS configuration database network connectivity:

1. Log on to the AD RMS configuration database server.
2. At a command prompt on the AD RMS configuration database server, type ipconfig /all. Make sure that the AD RMS logging database server has an IP address in the correct IP address range, and does not have an Automatic Private IP Addressing (APIPA) address (an IP address in the 169.254.x.x range).
3. At a command prompt on the AD RMS configuration database server, type ping localhost to verify that TCP/IP is installed and correctly configured on the local computer. If the ping is unsuccessful, this may indicate a corrupt TCP/IP stack or a problem with the network adapter.
4. At a command prompt on the AD RMS configuration database server, type **ping **ip_address where ip_address is the IP address assigned to the computer. If you can ping the localhost address but not the local IP address, there may be an issue with the routing table or with the network adapter driver.
5. At a command prompt on the AD RMS configuration database server, type **ping **dns_server where dns_server is the IP address for the DNS server. If there are more than one DNS server on your network, you should ping each one. If you cannot ping the DNS servers, this indicates a potential problem with the DNS servers, or the network in between the AD RMS logging database server and the DNS servers.

Verify

To perform this procedure, you must be a member of the System Administrators database role, or you must have been delegated the appropriate authority.

To verify that the AD RMS logging database is working correctly:

1. Log on to the AD RMS logging database server.
2. Click Start, point to All Programs, click Microsoft SQL Server 2005, and then click SQL Server Management Studio.
3. In the Server name box, type the name of the AD RMS logging database server, and then click Connect.
4. Expand Databases, and then click the AD RMS configuration database. By default, the name of this database is DRMS_Logging_clustername_portnumber, where clustername is the name of the AD RMS cluster and portnumber is the TCP port in which the AD RMS Web services listens for requests.
5. Click New Query.
6. Type select * from drms_clusterpolicies, and then click Execute.

Related Management Information

AD RMS Logging service availability

Active Directory Rights Management Services