RMS Provisioning Issues
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
When you provision RMS, the resource files and connections between the various components that RMS relies on are configured and established. If an error is encountered while RMS is trying to set up a resource, provisioning fails and displays an error. This section discusses the most common causes of these errors to help you troubleshoot unexpected situations that prevent provisioning RMS from completing.
Cannot Provision the first server in the root cluster
You might not be able to provision a root the first server in the root cluster because the correct provisioning pages do not appear. This behavior can occur when you click Provision RMS on this Web site to provision the first server in the root cluster from the Global Administration page. Instead of the provisioning pages for the first in the rroot cluster, however, the pages to provision a server in a licensing-only cluster appear.
This problem occurs when you do not unprovision the last server in the root cluster in this Active Directory forest before you uninstall RMS from it, and then you attempt to provision a new root cluster. When you unprovision the last server in the root cluster that is in an Active Directory forest, you must remove the service connection point from Active Directory. If you do not unprovision the last server in the root cluster that is in the forest before you uninstall RMS, you will not be able to reprovision another root cluster that is in this forest before you manually remove the service connection point from Active Directory.
If the provisioning pages for a licensing-only cluster appear when you try to provision the first server in a root cluster in an Active Directory forest, remove the service connection point from Active Directory as follows:
To remove the service connection point for RMS
If necessary, install the Windows Server Support Tools:
For Windows Server 2003, from the \Support\Tools folder that is on the installation CD, run Suptools.msi.
For Windows 2000 Server, from the \Support Tools folder that is on the installation CD, run Setup.exe.
Log on to the domain controller of the domain that the last server in the root cluster is a member of by using an account that is a member of the Domain Admins group.
At a command prompt, type the following command, and then press ENTER:
ldp
Click Connection, and then Connect.
Press ENTER. Do not type any information.
Click Connection, and then click Bind.
Press ENTER. Do not type any information.
Click View, and then click Tree.
Press ENTER. Do not type any information.
dc=YourDomain,dc=com is displayed in the left pane.
Expand dc=YourDomain,dc=com.
Expand Configuration.
Expand Services.
Delete RightsManagementServices.
-or-
To remove the service connection point for RMS
Download and install the RMS Administration Toolkit. The toolkit can be downloaded from the Microsoft Web site https://go.microsoft.com/fwlink/?LinkId=33841.
Open Command Prompt, by clicking Start, Run. In the Run dialog box, type cmd, and then click OK.
At a command prompt type the following command: ADSCPRegister.exe unregisterscp <URLtoUnRegister>
For <URLtoUnRegister> type the URL that of the RMS service connection point, for example https://my_domain/_wmcs/Certification.
After you finish these steps, you can provision the first server in the root cluster..
Cannot Generate SSPI Context
You might receive a "Cannot generate SSPI context" error message during provisioning if the RMS service account is not authenticated when enrolling the first server in the root cluster with the Microsoft Enrollment Service.
If you receive this error message, verify that the RMS service account is a valid domain account. If the account is a group account, verify that the group membership is current, that you can resolve all of the user accounts in the group in the domain, and that the accounts have permissions to the SQL databases.