ADRMS Troubleshooting: Difference between revisions
(Created page with "Some fancy hints, tips and tricks about AD RMS. *First thing: irmcheck! Go use it! *ConnectionString for SQL is located in registry http://technet.microsoft.com/en-us/library...") (change visibility) |
No edit summary (change visibility) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Some fancy hints, tips and tricks about AD RMS. | Some fancy hints, tips and tricks about AD RMS. | ||
*First thing: irmcheck! Go use it! | *First thing: '''irmcheck'''! Go use it! | ||
*ConnectionString for SQL is located in registry | *ConnectionString for SQL is located in registry | ||
http://technet.microsoft.com/en-us/library/ff660033%28v=ws.10%29.aspx | http://technet.microsoft.com/en-us/library/ff660033%28v=ws.10%29.aspx | ||
Line 7: | Line 7: | ||
*MSIPC (RMS client 2.0 in windows 8 and office 2013) caches in registry and %localappdata% | *MSIPC (RMS client 2.0 in windows 8 and office 2013) caches in registry and %localappdata% | ||
* REGISTRY:\Software\Classes\Local Settings\Software\Microsoft\MSIPC\<Server Name> \Template (HKCU or HKLM) | * '''REGISTRY:\Software\Classes\Local Settings\Software\Microsoft\MSIPC\<Server Name> \Template (HKCU or HKLM)''' | ||
*%localappdata%\microsoft\msipc | '''*%localappdata%\microsoft\msipc''' | ||
Hint: you can delete huge filenames with "rmdir MSIPC /s" in cmd (not powershell)success | Hint: you can delete huge filenames with "rmdir MSIPC /s" in cmd (not powershell)success | ||
Line 14: | Line 14: | ||
Even harder, go Wireshark! | Even harder, go Wireshark! | ||
* The older MSDRM (RMS Client 1) puts everything in your %localappdata%\Microsoft\DRM . There you can find your user- & machine certificates, and templates.£ | * The older MSDRM (RMS Client 1) puts everything in your '''%localappdata%\Microsoft\DRM''' . There you can find your user- & machine certificates, and templates.£ | ||
Regkeys under REGISTRY:\software\microsoft\msdrm | Regkeys under '''REGISTRY:\software\microsoft\msdrm''' | ||
Please, open them up, they're just XML-based, and contain a lot of information! For example, in the GIC-file you can confirm your RMS-location. Don't try to modify them, they're hashed... But you definitely should check them for having :443 in their url's (check this article) | Please, open them up, they're just XML-based, and contain a lot of information! For example, in the GIC-file you can confirm your RMS-location. Don't try to modify them, they're hashed... But you definitely should check them for having :443 in their url's (check this article) | ||
GIC (Group Identity Certificate) = RAC (Rights Account Certificate) | GIC (Group Identity Certificate) = RAC (Rights Account Certificate) | ||
CLC (Client Licensor Certificate) | CLC (Client Licensor Certificate) | ||
CERT-Machine = SPC (Security Processor Certificate) | CERT-Machine = SPC (Security Processor Certificate) | ||
Line 27: | Line 30: | ||
[http://social.technet.microsoft.com/wiki/contents/articles/7838.ad-rms-troubleshooting-server-side-tracing.aspx Server-side] and [http://social.technet.microsoft.com/wiki/contents/articles/7700.ad-rms-troubleshooting-client-side-tracing-msdrm.aspx Client-side] | [http://social.technet.microsoft.com/wiki/contents/articles/7838.ad-rms-troubleshooting-server-side-tracing.aspx Server-side] and [http://social.technet.microsoft.com/wiki/contents/articles/7700.ad-rms-troubleshooting-client-side-tracing-msdrm.aspx Client-side] | ||
* Go and check Windows Event Logs. RMS Client doesn't actually logs something there, but it can be a source of good information anyway! | * Go and check Windows Event Logs. RMS Client doesn't actually logs something there, but it can be a source of good information anyway! | ||
* sql server => drms_config_irm_url:443 contains the cluster's policy, configuration, and others! There's not that much more info than in the gui, but still... |
Latest revision as of 10:53, 15 January 2014
Some fancy hints, tips and tricks about AD RMS.
- First thing: irmcheck! Go use it!
- ConnectionString for SQL is located in registry
http://technet.microsoft.com/en-us/library/ff660033%28v=ws.10%29.aspx
- MSIPC (RMS client 2.0 in windows 8 and office 2013) caches in registry and %localappdata%
- REGISTRY:\Software\Classes\Local Settings\Software\Microsoft\MSIPC\<Server Name> \Template (HKCU or HKLM)
*%localappdata%\microsoft\msipc Hint: you can delete huge filenames with "rmdir MSIPC /s" in cmd (not powershell)success
- Advanced troubleshooting on OSI Layer 7: fiddler! (enable https decryption)
Even harder, go Wireshark!
- The older MSDRM (RMS Client 1) puts everything in your %localappdata%\Microsoft\DRM . There you can find your user- & machine certificates, and templates.£
Regkeys under REGISTRY:\software\microsoft\msdrm
Please, open them up, they're just XML-based, and contain a lot of information! For example, in the GIC-file you can confirm your RMS-location. Don't try to modify them, they're hashed... But you definitely should check them for having :443 in their url's (check this article)
GIC (Group Identity Certificate) = RAC (Rights Account Certificate)
CLC (Client Licensor Certificate)
CERT-Machine = SPC (Security Processor Certificate)
More about those 3 files in here
- Go and check Windows Event Logs. RMS Client doesn't actually logs something there, but it can be a source of good information anyway!
- sql server => drms_config_irm_url:443 contains the cluster's policy, configuration, and others! There's not that much more info than in the gui, but still...