Translate this site using Windows Live Translator:
The required Windows Rights Management client is present but the server refused access - RMS: Protecting Your Assets. - Site Home - TechNet Blogs

RMS: Protecting Your Assets.

The Protecting 'My' Asset Disclaimer: This is my 'un-official', 'in my spare time', 'use at your own risk', all things RMS (Rights Management Services), IRM (Information Rights Management), IPP (Information Protection Pla

The required Windows Rights Management client is present but the server refused access

The required Windows Rights Management client is present but the server refused access

  • Comments 3
  • Likes

Another from Carsten: 

 

This is Carsten again. With this blog entry I’d like to provide some background information on a misleading error message in the MOSS Information Rights Management configuration page.

 

The Deploying Windows Rights Management Services with Microsoft Office SharePoint Server 2007 Step-By-Step Guide explains in the To add SPS-SRV to the RMS Certification Pipeline section that the computer account of the MOSS computer requires Read & Execute permissions on the ServerCertification.asmx file. This guidance assumes that the Sharepoint web application is running under the Network Service account. Honestly, in a MOSS enterprise configuration, this is quite unlikely because Microsoft is recommending in Plan for administrative and service accounts to use dedicated service accounts for MOSS.

 

If you are following the recommended practices, the IIS web pool identity used by the SharePoint Central Administration and the IIS web pool identity used by the current MOSS web application requires Read & Execute permissions on the ServerCertification.asmx file. In this case, the computer account of the MOSS server does not matter.

 

If those two service accounts are not permitted correctly, the following misleading error is shown:

 

 

The following sample screenshot illustrates how to correctly permit the accounts used by the MOSS web application and the SharePoint Central Administration:

 

Comments
  • Hi,

         In your screenshot for the permissions you have the Farm Account set to Deny - did you mean to set this to Allow??

    Thanks,

    James.

  • You are Right, you must grant allow access.

  • Thanks a lot for this post. I had granted access to my WFE servers on the ServerCertification.asmx file, but missed the  identity pool account. After granting access to the service account, I am not seeing the error anymore.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment