Active Directory Rights Management Server Install Enrollee Problem (Network Steve Forum)

Active Directory Rights Management Server Install Enrollee Problem

I have created my own RSA CSP and I and tring to get it to work with ADRMS I am having trouble installing the root cluster it is failing to generate enrollee certificate public key but it does not call my CSP Gen key so how is it tiring to generate this public key? Server log 3628: 2010-08-25 16:30:26.250 [RMS] Begin CreateSlcNameType... 3628: 2010-08-25 16:30:26.250 [RMS] Create cluster case, settign SlcNameType... 3628: 2010-08-25 16:30:26.250 [RMS] SlcNameType set onto NewClusterType, ServerLicensorCertificate = AD RMS CERT 3628: 2010-08-25 16:30:26.250 [RMS] Begin CreateSlcRevocationType... 3628: 2010-08-25 16:30:26.250 [RMS] Create cluster case, settign SlcNameType... 3628: 2010-08-25 16:30:26.250 [RMS] Revocation is disabled, Item = True 3628: 2010-08-25 16:30:26.250 [RMS] Private key protection is CspBased and private key password is <null>. 3628: 2010-08-25 16:30:26.250 [RMS] Domain account being used for service account is True and password is <non-null> 3628: 2010-08-25 16:30:26.250 [RMS] Begin LogSerializedConfigXML... 3628: 2010-08-25 16:30:26.250 [RMS] Log config XML directory = C:\Users\Administrator\AppData\Local\Temp\2\ 3628: 2010-08-25 16:30:26.265 [RMS] Log config XML file name = RmsProvision-Config-08-25-2010-0430.xml 3628: 2010-08-25 16:30:26.265 [RMS] Log config full path = C:\Users\Administrator\AppData\Local\Temp\2\RmsProvision-Config-08-25-2010-0430.xml 3628: 2010-08-25 16:30:26.375 [RMS] Begin Provision, provisionScenario = FullProvision, upgrade = False, private key password = , service account password = System.Security.SecureString, proxy password = , adfsUrl = . 3628: 2010-08-25 16:31:26.765 [RMS] Error (Id=0) System.Exception: Fail to generate enrollee certificate public key. at Microsoft.RightsManagementServices.Configuration.CertificationServerSelfEnrollment.GenerateEnrolleeCertificatePublicKey(String cspName, String keyContainerName) at Microsoft.RightsManagementServices.Configuration.CertificationServerSelfEnrollment.Enroll(EnrolleeServerInformation enrolleeInformation, EnrolleeRevocationInformation revocationInformation, String certificateDisplayName, String cspName, String keyContainerName) at Microsoft.RightsManagementServices.Configuration.ProvisioningBase.Enroll() at Microsoft.RightsManagementServices.Configuration.ProvisioningBase.Run() at Microsoft.RightsManagementServices.Configuration.ProvisionerBase.DoProvision() at Microsoft.RightsManagementServices.Configuration.ProvisionerHelper.Run(OperationType operationType, Object data) at Microsoft.RightsManagementServices.Configuration.CmdLineHandler.Run() at Microsoft.RightsManagementServices.Configuration.ConfigHelper.Provision(ConfigOperationType configOperation, RmsProvisionScenarioType provisionType, Boolean upgrade, SecureString privateKeyPassword, SecureString rmsServiceAccountPassword, SecureString proxyPassword, String adfsUrl) at Microsoft.Windows.ServerManager.RightsManagementServices.RightsManagementServicesRoleProvider.Provision(ClassValue guest, String guestIdentity, ConfigHelper configHelper, ConfigOperationType configOperationType, RmsProvisionScenarioType provisionScenario, String adfsUrl) 3628: 2010-08-25 16:31:26.796 [RMS] [STAT] For 'CoreRightsManagementServer': 3628: 2010-08-25 16:31:26.796 [RMS] [STAT] Configuration took '62.5735002' second(s) total. Event: Active Directory Rights Management Services Cluster Type Root cluster Trust Hierarchy Production Configuration Database Server Windows Internal Database Service Account ROOT\testuser Cluster Key Storage CSP key storage CSP for Key Storage My RSA Full Cryptographic Provider Cluster Web Site Default Web Site Cluster Internal Address http://root.testnetwork.com:80/ Licensor Certificate Name AD RMS CERT Register SCP Register now Active Directory Rights Management Services: Installation succeeded with errors <Error>: Attempt to configure Active Directory Rights Management Server failed. Fail to generate enrollee certificate public key. at Microsoft.RightsManagementServices.Configuration.CertificationServerSelfEnrollment.GenerateEnrolleeCertificatePublicKey(String cspName, String keyContainerName) at Microsoft.RightsManagementServices.Configuration.CertificationServerSelfEnrollment.Enroll(EnrolleeServerInformation enrolleeInformation, EnrolleeRevocationInformation revocationInformation, String certificateDisplayName, String cspName, String keyContainerName) at Microsoft.RightsManagementServices.Configuration.ProvisioningBase.Enroll() at Microsoft.RightsManagementServices.Configuration.ProvisioningBase.Run() at Microsoft.RightsManagementServices.Configuration.ProvisionerBase.DoProvision() at Microsoft.RightsManagementServices.Configuration.ProvisionerHelper.Run(OperationType operationType, Object data) at Microsoft.RightsManagementServices.Configuration.CmdLineHandler.Run() Remove and re-install AD RMS to attempt provisioning again. <Warning>: Before you can administer AD RMS on this server, you must log off and log on again. The following role services were installed: Active Directory Rights Management Server

August 25th, 2010 7:34pm

On Wed, 25 Aug 2010 16:34:22 +0000, karrimrabi wrote: I have created my own RSA CSP and I?and?tring to get it to work with ADRMS ?I am having?trouble?installing the root cluster it is?failing?to generate enrollee certificate public key but it does not call my CSP?Gen key?so how is it?tiring?to?generate?this public key? Questions about RMS should be posted to the RMS forum - http://social.technet.microsoft.com/Forums/en-US/rms/threads Paul Adare MVP - Identity Lifecycle Manager http://www.identit.ca

Free Windows Admin Tool Kit Click here and download it now

August 25th, 2010 8:14pm

This topic is archived. No further replies will be accepted.