Event ID 105 — AD RMS Cluster Configuration

  • Article

Applies To: Windows Server 2008

Servers in an Active Directory Rights Management Services (AD RMS) cluster are configured to both send and receive requests from AD RMS clients, other servers in the AD RMS cluster, and the AD RMS databases.

Event Details

Product: Windows Operating System
ID: 105
Source: Active Directory Rights Management Services
Version: 6.0
Symbolic Name: MissingEnterpriseGroupIdentityCertificateServiceUrlEvent
Message: The Active Directory Rights Management Services (AD RMS) service connection point (SCP) object is missing from Active Directory Domain Services.

The AD RMS SCP provides the certification URL that points to the AD RMS cluster in this forest. The AD RMS-enabled clients use this to obtain a rights account certificate.

Parameter Reference
Context: %1
RequestId: %2
%3
%4

Resolve

Register service connection point in AD DS

The AD RMS service connection point (SCP) can be registered automatically during installation. The user account designated for AD RMS administration must be a member of the Active Directory Enterprise Admins group.

To perform this procedure, you must be a member of the local AD RMS Enterprise Administrators group and the Active Directory Domain Services (AD DS) Enterprise Admins group, or you must have been delegated the appropriate authority.

To register the AD RMS service connection point manually:

  1. Log on to a server in the AD RMS cluster.
  2. Open the Active Directory Management Services console. Click Start, point to Administrative Tools, and then click Active Directory Rights Management Services.
  3. Right-click the AD RMS cluster, and then click Properties.
  4. Click the SCP tab.
  5. Select the Change SCP check box.
  6. Click the Set SCP to current certification cluster option, and then click OK.

Verify

To perform this procedure, you must be a member of the local Users group, or you must have been delegated the appropriate authority.

Note: Microsoft Office Word 2007 is used as an example in this section. Any AD RMS-enabled application can be used in place of Word 2007.

To verify that AD RMS is configured correctly, do the following:

  1. Log on to an AD RMS-enabled client computer.
  2. Click Start, point to All Programs, point to Microsoft Office, and then click Microsoft Office Word 2007.
  3. In the new document type This is a test document.
  4. Click the Microsoft Office Start Button, point to Prepare, point to Restrict Permissions, and then click Restricted Access.
  5. Select the Restrict permissions to this document check box.
  6. Type another AD RMS user's e-mail address in the Read box, and then click OK.
  7. Send this file to the person who was granted access in step 6.
  8. Have this person open the document and verify that he or she cannot do anything else with the document such as print it.

AD RMS Cluster Configuration

Active Directory Rights Management Services