Geckotek
asked on
Can't get ActiveSync and Rights Management Server to work on same SBS 2003 SP1 server
I had RMS up and running and "working", but I can't seem to get it to live harmoniously with ActiveSync. FYI, I've never touched RMS before, so I'm a total noob here...and not really strong w/ IIS either.
My setup is SBS 2003 SP1 behind a hardware firewall. I am running Exchange, SharePoint, and RMS on this server (will break them out later as money permits and size of our organization requires.) At this time, I'm also testing WM5 devices w/ ActiveSync. I had them working until I installed RMS which broke ActiveSync. The fix is to make the following change in the IIS Metabase:
LM\W3SVC\1\ROOT\NTAuthenti
However, this fix seems to break RMS. After the change I receive the following error opening an RMS protected document:
"A problem occurred trying to contact the restricted permission service."
On a possibly related note, RMS is not acting as I would expect it to. When protecting or opening a document, it always prompts to "Select Service" and the options being a .NET Passport account or a Windows Account. I expected it to automatically use the current logged in user's AD credentials.
Thanks for any help.
My setup is SBS 2003 SP1 behind a hardware firewall. I am running Exchange, SharePoint, and RMS on this server (will break them out later as money permits and size of our organization requires.) At this time, I'm also testing WM5 devices w/ ActiveSync. I had them working until I installed RMS which broke ActiveSync. The fix is to make the following change in the IIS Metabase:
LM\W3SVC\1\ROOT\NTAuthenti
However, this fix seems to break RMS. After the change I receive the following error opening an RMS protected document:
"A problem occurred trying to contact the restricted permission service."
On a possibly related note, RMS is not acting as I would expect it to. When protecting or opening a document, it always prompts to "Select Service" and the options being a .NET Passport account or a Windows Account. I expected it to automatically use the current logged in user's AD credentials.
Thanks for any help.
ASKER
Thanks, I've run across this post. This appears to address PCs from outside the network, not the issue I've asked about here since my PCs are on the domain and connected to the network (sorry if that wasn't clear).
ASKER
Solved it on my own.
Solution was to change "Negotiate,NTLM" to "NTLM,Negotiate"
Solution was to change "Negotiate,NTLM" to "NTLM,Negotiate"
Changed recommendation: PAQ and points refunded
Thanks for sharing :)
Thanks for sharing :)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://msmvps.com/blogs/bradley/archive/2004/01/19/1896.aspx
Jeff
TechSoEasy