Monday, June 26, 2006

Troubleshooting RMS Service setup and usage

Ever tried to setup Windows Rights Management Service "from scratch" ? Keep in mind to take care about following things - to avoid wasting time:

1. Install MSMQ on the box prior to setup RMS.
MSMQ is used for logging purposes - later setup of MSMQ has no effect. So be sure to have a WS2003 CD ready - some files might be copied to harddisk while setup MSMQ

2. Install SQL Server.
SQL Server stores RMS relevant data. RMS will setup SQL Express if no SQL detected on the machine.

3. Ensure Active Directory is available.
After setup you'll need to register RMS in active directory (except you plan to work with Passport based identification). Ensure RMS account has enough privileges to make required changes in AD.

4. Apply database update to prevent SqlException on rights assignement.
Consult http://support.microsoft.com/kb/913372 - KB article describing changes in database. Ensure you have enough privileges to apply them - these are changes in master database.

5. Ensure email addresses are set to users in AD.
Only users having email address set in AD are served by RMS service. Be aware of that.

6. Ensure privileges to search/browse AD.
RMS service account must have privilege to search in AD.

7. Ensure the GC for AD is visible.
Just start Active Directory Sites MMC and browse properties of NTDS: the GC checkbox must be checked.

Follow the advices - and you'll keep the adrenaline level lower trying to assign digital rights to your Office documents. Enjoy!

No comments: