AD RMS with Exchange 2010 SP1

Not open for further replies.

Fady Naguib


We have AD and Exchange 2003 and Exchange 2010 (Coexistence).

I had installed AD RMS on my DC (Windows 2008 SP2) with a private certificate from my internal CA and tried to send encrypted messages (Don"t forward) and it's working fine.

I create some templates and assigned them to anyone. I can see and use these templates from OWA 2010 but when I tried it with Outlook (2003, 2007 and 2010) I cannot see these templates for all users hosted on exchange 2010?

Also I tried to publish the RMS server to outside to be accessible from internet using TMG 2010.

I created the web site publishing rule successfully and used an external name for the RMS server, the one I wrote on the external cluster URLS- and used public certificate that contain the name of the RMS external URL in the SAN on the TMG but the test rule failed. When I used the internal certificate, test rule succeeded on TMG.

I notice that the external outlook asking for the internal URL from outside???!!!!

RMS Internal URL: https://RMS-Server.domain.Local

RMS External URL:

So, my questions are:

How can I upload the RMS template polices on the outlook?

How can I publish the RMS on internet using public certificate?

I read many many blogs and articles from Microsoft with no luck.

Any help?!!!

Regards, Fady Naguib

Neil Hobson

Does running the Test-IRMConfiguration cmdlet from the E2K10 server reveal any issues?Neil Hobson | Principal Consultant | Silversands | | | | twitter @NeilHobson

Fady Naguib

Here is the reply of Test-IRMConfiguration cmdlet

Results : Checking Exchange Server ...
- PASS: Exchange Server is running in Enterprise.
Loading IRM configuration ...
- PASS: IRM configuration loaded successfully.
Retrieving RMS Certification Uri ...
- PASS: RMS Certification Uri: https://rms.domain.local/_wmcs/certification .
Verifying RMS version for https://rms.domain.local/_wmcs/certification ...
- PASS: RMS Version verified successfully.
Retrieving RMS Publishing Uri ...
- PASS: RMS Publishing Uri: https://rms.domain.local/_wmcs/licensing .
Acquiring Rights Account Certificate (RAC) and Client Licensor Certificate (CLC) ...
- PASS: RAC and CLC acquired.
Acquiring RMS Templates ...
- PASS: RMS Templates acquired.
Retrieving RMS Licensing Uri ...
- PASS: RMS Licensing Uri: https://rms.domain.local/_wmcs/licensing .
Verifying RMS version for https://rms.domain.local/_wmcs/licensing ...
- PASS: RMS Version verified successfully.
Creating Publishing License ...
- PASS: Publishing License created.
Acquiring Prelicense for 'mfawzi@domain.local' from RMS Licensing Uri (https://rms.domain.local/_wmcs/li censing) ...
- PASS: Prelicense acquired.
Acquiring Use License from RMS Licensing Uri (https://rms.domain.local/_wmcs/licensing ) ...
- FAIL: Failed to acquire a use license. This failure may cause features such as Transport Decryption, Journal Report Decryption, IRM in OWA, IRM in EAS and IRM Search to not work. Please make sure that the account " FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042" representing the Exchange Servers Group is granted super user privileges on the Active Directory Rights Management Services server. For detailed instructions, see
" Add the Federated Delivery Mailbox to the AD RMS Super Users Group" at d=193400.

Regards, Fady Naguib

Neil Hobson

Hmmm....that's strange, because my understanding is that you need to add the Federated Email mailbox to the RMS Super Users group to get RMS working in OWA, but I see from your original post that you say you can use the templates in OWA. It might be worth adding the mailbox to the super users group anyway. By the way, by running this cmdlet I was originally addressing your first issue, not the issue about accessing RMS from the web.Neil Hobson | Principal Consultant | Silversands | | | | twitter @NeilHobson

Fady Naguib

Thanks for your reply, any idea regarding my issue?!Regards, Fady Naguib
Not open for further replies.
Similar threads
Thread starter Title Forum Replies Date
Diane Poremsky RMS Error: System clock has been tampered with New Articles 0
G Problems with Active Directory Rights Management Services (AD RMS) in Outlook 2013 Exchange Server Administration 0
M Upgrading HUB 2010 to SP1, getting error "There should only be a single RMS Shared Identity user" Exchange Server Administration 1
R Select RMS Template showing blank Exchange Server Administration 8
C Transfer Autocomplete from Pop to Exchange Using Outlook 3
N Backing Up Exchange Calendar Using Outlook 13
A Ol16 desktopT suddenly can't connect with Exchange Using accounts in Outlook 5
T How can Exchange be configured to sync/push one-way so that the server data can't be affected Exchange Server Administration 0
E How to display "Change Folder" in Change Default Email Delivery Location in Exchange Outlook 2016 Using Outlook 1
J Outlook 2016 Moving IMAP emails to Exchange Using Outlook 1
L How to Import Exchange OST file into Outlook? Using Outlook 3
O Outlook 365 Exchange .ost within Personal Vaul Using Outlook 0
D Outlook 2016 Migrate 'On My Computer' (local storage) Calendar from Mac Outlook to Exchange Account Using Outlook 5
A .restrict results changing after moving to Exchange online Outlook VBA and Custom Forms 0
D Can Exchange Admin Center create a pst for users email/contacts/calendar? Exchange Server Administration 0
S Messages moved / deleted by auto-archive are not synchronized to exchange Exchange Server Administration 8
llama_thumper Setting up forwarders on Exchange server Exchange Server Administration 0
D Importing Outlook Categories from another domain (Exchange 2016/Outlook 2016) Using Outlook 4
M WMI query for Get Disk IO performance in exchange Exchange Server Administration 0
B Outlook 2013/Exchange 2013 - Conf Rooms not fully booking "resolved conflict" meetings Using Outlook 3
D Adding Enterprise Exchange Email Account to Outlook Prevents Sending via Account Using accounts in Outlook 10
O Benefits of Exchange over IMAP and why would I choose Exchange? Using Outlook 2
F Delete/create/reset Exchange mailbox on Using accounts in Outlook 3
A Prevent connection to Public Folders on Exchange? Exchange Server Administration 3
S Add Exchange Account as Secondary to Existing PST? Exchange Server Administration 1
S Adding new Exchange (2016) rule very slow down Microsoft Outlook Exchange Server Administration 0
CWM030 A quick question for Diane about Exchange Exchange Server Administration 2
G How to have domain client use owa server instead of exchange server while connect to network Using Outlook 1
J Outlook 2016 message content does not display -; exchange Using accounts in Outlook 9
C Filter/Search emails sent to internal Exchange address only Using Outlook 2
B Copy/Move Exchange inbox to Pop inbox Using Outlook 4
Fozzie Bear Correct Method to set up accounts as Exchange Using accounts in Outlook 7
P AutoArchive exchange folder to exchange folder Using Outlook 1
J Syncing notes between Outlook 2016/Exchange and Outlook for Android Using Outlook 2
Brian Murphy Exchange Online Everything a Transport Rule should do and cannot Exchange Server Administration 1
E Customer wants a portion of GAL from exchange to sync down to Android contacts via Activesync Using Outlook 2
R Problem with searching public folders Exchange 2013/16 Exchange Server Administration 2
I outlook 2016 manual exchange config Using Outlook 0
R Add Exchange Account to existing POP3 Outlook 2007 Profile Using Outlook 0
Fozzie Bear Office 365 Home Premium with Exchange Online email accounts Using Outlook 3
Commodore Microsoft Exchange Add-in Using Outlook 2
D Winmail.dat with MS Exchange Personal and Using accounts in Outlook 5
I Outlook 2013 Transition to Exchange - weirdnesses Using accounts in Outlook 4
E you don't have permission to perform this action exchange 2016 Exchange Server Administration 0
Diane Poremsky Set Another Data File as Default When Using an Exchange Account New Articles 0
PMR0001 Exchange cf Exchange ActiveSync Exchange Server Administration 1
PMR0001 Mydomain and Exchange post EAS Using Outlook 1
F Contacts folders not syncing with hosted exchange Using Outlook 3
L Receiving work/Exchange email to my personal email Using Outlook 2

Similar threads