Event ID 161 — AD RMS Cluster Configuration

  • Article

Applies To: Windows Server 2008 R2

Servers in an Active Directory Rights Management Services (AD RMS) cluster are configured to both send and receive requests from AD RMS clients, other servers in the AD RMS cluster, and the AD RMS databases.

Event Details

Product: Windows Operating System
ID: 161
Source: Active Directory Rights Management Services
Version: 6.1
Symbolic Name: BadProxyConfigEvent
Message: The Active Directory Rights Management Services (AD RMS) proxy is not configured correctly.

Parameter Reference
Context: %1
RequestId: %2
%3
%4

Resolve

Change AD RMS proxy settings and AD RMS configuration database connection string

The AD RMS configuration database holds all AD RMS-related configuration data. Each AD RMS server has a registry entry that defines the connection string that AD RMS will use to connect to the configuration database. Use the following sections to change the AD RMS database connection string and change the proxy settings.

Change the AD RMS configuration database connection string in the registry

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To change the AD RMS configuration database connection string in the registry:

Caution: Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data.

  1. Log on to an AD RMS server in the cluster, and then click Start.
  2. In the Start Search box, type regedit, and then press ENTER.
  3. Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\DRMS\2.0\ConnectionString.
  4. Right-click ConfigDatabaseConnectionString, and then click Modify.
  5. Change the data source to the name of the AD RMS configuration database server.
  6. Change the database to the name of the AD RMS configuration database. By default, the name of the AD RMS configuration database is DRMS_Config_clustername_portnumber where clustername is the name of the AD RMS cluster and portnumber is the TCP port number used for AD RMS communication.
  7. Click OK.

Change the AD RMS proxy settings

To perform this procedure, you must be a member of the local AD RMS Enterprise Administrators group, or you must have been delegated the appropriate authority.

To change the AD RMS proxy settings:

  1. Open the Active Directory Rights Management Services console. Click Start, point to Administrative Tools, and then click Active Directory Rights Management Services.

  2. Right-click the AD RMS cluster, and then click Properties.

  3. Click the Proxy Settings tab.

  4. Select the This cluster uses a proxy server to access external networks check box.

  5. In the Address box, type the IP address or DNS name of the proxy server that you want to use.

  6. In the Port box, type the port number that the proxy server uses to connect to the Internet.

    If you do not use the proxy server to connect to local resources, select the Bypass proxy server for local addresses check box.

    If you have addresses that should not be using the proxy server at all, type them in the Do not use proxy server for address beginning with box.

  7. If appropriate, select the This proxy server requires authentication check box.

  8. In Authentication type, choose the appropriate authentication type from the list: Basic, Digest, or Integrated Windows.

  9. In User name, type the user name that should be supplied in response to the challenge from the proxy server.

  10. In Password, type the password that should be supplied in response to the challenge from the proxy server.

  11. In Confirm password, re-type the password supplied previously to verify that you typed it correctly.

  12. If your proxy server uses Integrated Windows authentication, in Domain, type the domain to which the user belongs.

  13. Click OK.

Verify

To perform this procedure, you must be a member of the local Users group, or you must have been delegated the appropriate authority.

Note: Microsoft Office Word 2007 is used as an example in this section. Any AD RMS-enabled application can be used in place of Word 2007.

To verify that AD RMS is configured correctly, do the following:

  1. Log on to an AD RMS-enabled client computer.
  2. Click Start, point to All Programs, point to Microsoft Office, and then click Microsoft Office Word 2007.
  3. In the new document type This is a test document.
  4. Click the Microsoft Office Start Button, point to Prepare, point to Restrict Permissions, and then click Restricted Access.
  5. Select the Restrict permissions to this document check box.
  6. Type another AD RMS user's e-mail address in the Read box, and then click OK.
  7. Send this file to the person who was granted access in step 6.
  8. Have this person open the document and verify that he or she cannot do anything else with the document such as print it.

AD RMS Cluster Configuration

Active Directory Rights Management Services