|
| Rights Policy Template Error |
 |
Mon, 28 Jan 2008 12:24:11 -080 |
I am getting errors when trying to use rights policy template. Here is my
scenario Iam testing:
1. Created 2 users in AD: user1 and user2
2. Created 1 group testgroup1 with group scope: universal and group type:
security.
3. Made user1 member of testgroup1.
4. Created rights policy template testgroup with full control assigned to
testgroup1@mydomain.com.
5. Copied the right policy template to users pc.
6. user1 created word document test.docx with restrict permission by using
the testgroup template.
7. user2 cannot open the document test.docx which works correctly.
8. Made user2 member of testgroup1.
9. user2 cannot open the document test.docx. Get following even warning in
rms server:
A client request is not valid and cannot be processed. The following
information was reported:
Microsoft.DigitalRightsManagement.Licensing.NoRightsForRequestedPrincipalExcepti
on: The publish license contains no rights for the requested principal.
at
Microsoft.DigitalRightsManagement.Licensing.WorkSpec.BuildUserRights(String
strRightsData, EnablingBits oUserEnablingBits, SignedRightsLabelDocument
signedRightsLabel)
at
Microsoft.DigitalRightsManagement.Licensing.WorkSpec.BuildWorkSpecXML(SignedRigh
tsLabelDocument
signedRightsLabel, Principal principal, Principal
oUnalteredPersonaIssuedPrincipal)
at
Microsoft.DigitalRightsManagement.Licensing.LicenseGen.CreateEULBody(Principal
principal, SignedRightsLabelDocument oSignedRightsLabel, Boolean
applicationExclusionEnabled, Boolean OSExclusionEnabled, String
OSExcludedVersionSpan, Boolean fSuperUser, Principal
oUnalteredPersonaIssuedPrincipal)
at
Microsoft.DigitalRightsManagement.Licensing.LicensePipeline.GenerateEUL(PersonaC
ertificate
oPersonaCert, SignedRightsLabelDocument signedRightsLabel, String Ticket,
IDrmsPropertyBag propertyBag)
at
Microsoft.DigitalRightsManagement.Licensing.LicensePipeline.PipelineAcquireLicen
se(AcquireLicenseParams[]
RequestParams, HttpRequest request, IIdentity userIdentity)
Any suggestions?
Thanks.
|
| Post Reply
|
| RE: Rights Policy Template Error |
 |
Fri, 15 Feb 2008 10:31:01 -080 |
You may be running into group caching issues. Check out:
http://blogs.technet.com/rmssupp/archive/2007/12/31/troubleshooting-group-expans
ion-problems-with-rms.aspx
Also, run the script here to make sure that your group membership has
replicated across all GCs and the group type is what you expect to see.
http://blogs.technet.com/rmssupp/archive/2007/12/31/troubleshooting-group-expans
ion-problems-with-rms.aspx
-Jason
"raj" wrote:
> I am getting errors when trying to use rights policy template. Here is my
> scenario Iam testing:
>
> 1. Created 2 users in AD: user1 and user2
> 2. Created 1 group testgroup1 with group scope: universal and group type:
> security.
> 3. Made user1 member of testgroup1.
> 4. Created rights policy template testgroup with full control assigned to
> testgroup1@mydomain.com.
> 5. Copied the right policy template to users pc.
> 6. user1 created word document test.docx with restrict permission by using
> the testgroup template.
> 7. user2 cannot open the document test.docx which works correctly.
> 8. Made user2 member of testgroup1.
> 9. user2 cannot open the document test.docx. Get following even warning in
> rms server:
>
> A client request is not valid and cannot be processed. The following
> information was reported:
>
Microsoft.DigitalRightsManagement.Licensing.NoRightsForRequestedPrincipalExcepti
on: The publish license contains no rights for the requested principal.
> at
> Microsoft.DigitalRightsManagement.Licensing.WorkSpec.BuildUserRights(String
> strRightsData, EnablingBits oUserEnablingBits, SignedRightsLabelDocument
> signedRightsLabel)
> at
>
Microsoft.DigitalRightsManagement.Licensing.WorkSpec.BuildWorkSpecXML(SignedRigh
tsLabelDocument
> signedRightsLabel, Principal principal, Principal
> oUnalteredPersonaIssuedPrincipal)
> at
>
Microsoft.DigitalRightsManagement.Licensing.LicenseGen.CreateEULBody(Principal
> principal, SignedRightsLabelDocument oSignedRightsLabel, Boolean
> applicationExclusionEnabled, Boolean OSExclusionEnabled, String
> OSExcludedVersionSpan, Boolean fSuperUser, Principal
> oUnalteredPersonaIssuedPrincipal)
> at
>
Microsoft.DigitalRightsManagement.Licensing.LicensePipeline.GenerateEUL(PersonaC
ertificate
> oPersonaCert, SignedRightsLabelDocument signedRightsLabel, String Ticket,
> IDrmsPropertyBag propertyBag)
> at
>
Microsoft.DigitalRightsManagement.Licensing.LicensePipeline.PipelineAcquireLicen
se(AcquireLicenseParams[]
> RequestParams, HttpRequest request, IIdentity userIdentity)
>
> Any suggestions?
>
> Thanks.
|
| Post Reply
|
|
|
|
|
|
|
|
|
|