Test-IRMConfiguration 失敗:無法取得使用授權

  • 發行項
  • 適用於:
    Exchange Server 2010 Enterprise, Exchange Server 2010 Standard

原始 KB 編號: 2805976

徵狀

使用 Microsoft Exchange Server 2010 設定 Active Directory Rights Management Service (AD-RMS) 時,當您Test-IRMConfiguration在 Exchange Management Shell (EMS) 中執行時,可能會收到下列失敗。

Results : Checking Exchange Server ...
 - PASS: Exchange Server is running in Enterprise.
 Loading IRM configuration ...
 - PASS: IRM configuration loaded successfully.
 Retrieving RMS Certification Uri ...
 - PASS: RMS Certification Uri: https://rms.Domain.com/_wmcs/certification.
 Verifying RMS version for https://rms.Domain.com/_wmcs/certification ...
 - PASS: RMS Version verified successfully.
 Retrieving RMS Publishing Uri ...
 - PASS: RMS Publishing Uri: https://rms.Domain.com/_wmcs/licensing.
 Acquiring Rights Account Certificate (RAC) and Client Licensor Certificate (CLC)...
 - PASS: RAC and CLC acquired.
 Acquiring RMS Templates ...
 - PASS: RMS Templates acquired.
 Retrieving RMS Licensing Uri ...
 - PASS: RMS Licensing Uri: https://rms.Domain.com/_wmcs/licensing.
 Verifying RMS version for https://rms.Domain.com/_wmcs/licensing ...
 - PASS: RMS Version verified successfully.
 Creating Publishing License ...
 - PASS: Publishing License created.
 Acquiring Prelicense for 'User@Domain.com' from RMS Licensing Uri (https://rmc.Domain.com/_wmcs/licensing)...
 - PASS: Prelicense acquired.
 Acquiring Use License from RMS Licensing Uri (https://rms.Domain.com/_wmcs/licensing)...
 - FAIL: Failed to acquire a use license. This failure may cause features such as Transport Decryption, Jo
 urnal Report Decryption, IRM in OWA, IRM in EAS and IRM Search to not work. Please make sure that the account
 "FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042" representing the Exchange Servers Group is granted sup
 er user privileges on the Active Directory Rights Management Services server. For detailed instructions, see
 "Add the Federated Delivery Mailbox to the AD RMS Super Users Group" at https://go.microsoft.com/fwlink/?linkid=193400.

原因

如果已刪除並重新建立 FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042,就會發生此問題。 重新設定 AD-RMS 進階使用者群組之後,仍會發生上述錯誤。

解決方案

在 Exchange Server 上,遵循下列步驟:

  1. 關閉 IRM。

    Set-IRMConfiguration -InternalLicensingEnabled $false

  2. 備份和刪除中的 C:\ProgramData\Microsoft\DRM\Server目錄。

    注意事項

    Server 資料夾是隱藏的系統資料夾,您必須取消選取 [隱藏受保護的作業系統檔案 ] 來檢視資料夾。

  3. 重新啟動。

  4. 啟用 IRM。

    Set-IRMConfiguration -InternalLicensingEnabled $true

  5. 測試 IRM。

    Test-IRMConfiguration -sender [user@domain.com]

其他相關資訊

Exchange 會從已刪除的 FederatedEmail 帳戶使用舊的 GIC。 移除 [伺服器] 資料夾下的檔案之後,新的 GIC 只會包含 Exchange 伺服器本機系統帳戶。

Exchange 伺服器必須重新啟動,新的 GIC 才能使用 FederatedEmail 帳戶正確運作。