Event ID 181 — AD RMS Trust Policy Integrity
Applies To: Windows Server 2008
Trust policies in Active Directory Rights Managemenet Services (AD RMS) allow users to share rights-protected content across Active Directory Domain Services (AD DS) forests that are either internal or external to the organization.
|Product:||Windows Operating System|
|Source:||Active Directory Rights Management Services|
|Message:||An Active Directory Rights Management Services (AD RMS) client issuance license does not contain a valid cluster. Ensure that all servers in the AD RMS cluster are part of the trusted publishing domain.
Import trusted publishing domain
To perform this procedure, you must be a member of the local AD RMS Enterprise Administrators group, or you must have been delegated the appropriate authority.
To import a trusted publishing domain:
- Log on to an AD RMS server in the cluster.
- Click Start, point to Administrative Tools, and then click Active Directory Rights Management Services.
- Expand the AD RMS cluster, expand Trust Policies, and then click Trusted Publishing Domains.
- Click Import Trusted Publishing Domain.
- Click Browse, browse to the exported trusted publishing domain file, and then double-click the file.
- In the Password box, type the password that was used to export this trusted publishing domain.
- In the Display name box, type the display name to be used to identify this trusted publishing domain in the AD RMS cluster.
- Click Finish.
To perform this procedure, you must be a member of the local Users group, or you must have been delegated the appropriate authority.
Note: Microsoft Office Word 2007 is used as an example in this section. Any AD RMS-enabled application can be used in place of Word 2007.
To verify that the AD RMS trust policies are working correctly:
- Log on to an AD RMS-enabled client computer.
- Click Start, point to All Programs, point to Microsoft Office, and then click Microsoft Office Word 2007.
- In the new document type This is a test document.
- Click the Microsoft Office Start Button, point to Prepare, point to Restrict Permissions, and then click Restricted Access.
- Select the Restrict permissions to this document check box.
- Type another AD RMS user's e-mail address in the Read box, and then click OK.
- Send this file to the person who was granted access in step 6.
- Have this person open the document and verify that he or she cannot print it.