We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Can't get ActiveSync and Rights Management Server to work on same SBS 2003 SP1 server

Geckotek
Geckotek asked
on
Medium Priority
261 Views
Last Modified: 2013-12-03
I had RMS up and running and "working", but I can't seem to get it to live harmoniously with ActiveSync.  FYI, I've never touched RMS before, so I'm a total noob here...and not really strong w/ IIS either.

My setup is SBS 2003 SP1 behind a hardware firewall.  I am running Exchange, SharePoint, and RMS on this server (will break them out later as money permits and size of our organization requires.)  At this time, I'm also testing WM5 devices w/ ActiveSync.  I had them working until I installed RMS which broke ActiveSync.  The fix is to make the following change in the IIS Metabase:
LM\W3SVC\1\ROOT\NTAuthenticationProviders  change from "NTLM" to "Negotiate,NTLM"

However, this fix seems to break RMS.  After the change I receive the following error opening an RMS protected document:
"A problem occurred trying to contact the restricted permission service."

On a possibly related note, RMS is not acting as I would expect it to.  When protecting or opening a document, it always prompts to "Select Service" and the options being a .NET Passport account or a Windows Account.  I expected it to automatically use the current logged in user's AD credentials.

Thanks for any help.
Comment
Watch Question

Jeffrey Kane - TechSoEasyPrincipal Consultant
CERTIFIED EXPERT
Most Valuable Expert 2016
Top Expert 2014

Commented:
There are a couple of registry entries that need to be added on an SBS for RMS to work.  Please see this post about that.  Also note the reference to the RMS newsgroup as a good source of assistance for RMS:
http://msmvps.com/blogs/bradley/archive/2004/01/19/1896.aspx

Jeff
TechSoEasy

Author

Commented:
Thanks, I've run across this post.  This appears to address PCs from outside the network, not the issue I've asked about here since my PCs are on the domain and connected to the network (sorry if that wasn't clear).

Author

Commented:
Solved it on my own.
Solution was to change "Negotiate,NTLM" to "NTLM,Negotiate"

Commented:
Changed recommendation: PAQ and points refunded
Thanks for sharing :)
Commented:
PAQed with points refunded (500)

GranMod
Community Support Moderator

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.