ADRMS Troubleshooting


Some fancy hints, tips and tricks about AD RMS.

  • First thing: irmcheck! Go use it!
  • The ConnectionString for SQL is located in the registry

  • MSIPC (RMS client 2.0 in Windows 8 and Office 2013) caches in the registry and in %localappdata%
  • REGISTRY:\Software\Classes\Local Settings\Software\Microsoft\MSIPC\<Server Name>\Template (HKCU or HKLM)
  • %localappdata%\microsoft\msipc Hint: you can delete huge filenames with "rmdir MSIPC /s" in cmd (not PowerShell)

  • Advanced troubleshooting on OSI Layer 7: Fiddler! (enable HTTPS decryption)

Even harder, go Wireshark!

  • The older MSDRM (RMS Client 1) puts everything in your %localappdata%\Microsoft\DRM. There you can find your user and machine certificates, and templates.

Regkeys under REGISTRY:\software\microsoft\msdrm

Please open them up: they're just XML-based and contain a lot of information! For example, in the GIC file you can confirm your RMS location. Don't try to modify them, they're hashed... But you definitely should check them for having :443 in their URLs (check this article)

GIC (Group Identity Certificate) = RAC (Rights Account Certificate)

CLC (Client Licensor Certificate)

CERT-Machine = SPC (Security Processor Certificate)

More about those 3 files in here
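
A read-only way to run the :443 check described above over every file in the MSDRM folder, as an added example that is not part of the original page. It assumes the files are UTF-16 or UTF-8 text and that AD RMS service URLs contain /_wmcs; the function name Get-DrmUrl and its output columns are made up for this example.

```powershell
# Added example (not from the original page): read-only scan of the MSDRM
# certificate files for embedded AD RMS URLs, flagging an explicit :443 port.
param(
    # Folder named on this page; override it to scan a copy taken from another machine.
    [string]$DrmPath = (Join-Path $env:LOCALAPPDATA 'Microsoft\DRM')
)

function Get-DrmUrl {
    param([Parameter(Mandatory)][string]$Path)

    $bytes = [System.IO.File]::ReadAllBytes($Path)
    # Assumption: files are UTF-16 LE (BOM or NUL high byte), otherwise UTF-8.
    $isUtf16 = $bytes.Length -ge 2 -and
               ($bytes[1] -eq 0 -or ($bytes[0] -eq 0xFF -and $bytes[1] -eq 0xFE))
    $encoding = if ($isUtf16) { [System.Text.Encoding]::Unicode } else { [System.Text.Encoding]::UTF8 }
    $text = $encoding.GetString($bytes)

    # Map the file name prefix to the certificate names used on this page.
    $leaf = Split-Path $Path -Leaf
    $kind = switch -Regex ($leaf) {
        '^GIC'          { 'GIC / RAC'; break }
        '^CLC'          { 'CLC'; break }
        '^CERT-Machine' { 'SPC'; break }
        default         { 'other' }
    }

    # Pull every http(s) URL out of the text; the file itself is never changed.
    foreach ($m in [regex]::Matches($text, 'https?://[^\s<>"]+', 'IgnoreCase')) {
        $url = $m.Value
        # Assumption: AD RMS service URLs live under /_wmcs; XML namespaces are skipped.
        if ($url -notmatch '/_wmcs') { continue }
        [pscustomobject]@{
            File        = $leaf
            Certificate = $kind
            Has443      = $url -match '^https?://[^/]+:443(/|$)'
            Url         = $url
        }
    }
}

if (-not (Test-Path $DrmPath)) {
    Write-Warning "Folder not found: $DrmPath"
    return
}
Get-ChildItem -Path $DrmPath -File |
    ForEach-Object { Get-DrmUrl -Path $_.FullName } |
    Sort-Object File, Url -Unique |
    Format-Table -AutoSize -Wrap
```

Rows with Has443 set to False are the ones to compare against the article mentioned above.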

Server-side and Client-side

  • Go and check the Windows Event Logs. The RMS Client doesn't actually log anything there, but they can be a source of good information anyway!
  • SQL Server => drms_config_irm_url:443 contains the cluster's policy, configuration, and others! There's not that much more info than in the GUI, but still...