The two days of Windows
AD RMS deployment test, originally felt a very simple thing, but because of a small problem, I installed and unloaded It was unloaded and loaded, and it took two days to repeat it. It was very embarrassing and almost mad. But finally I was finally inspired by a post, found the root cause of the problem and found a reasonable solution. It seems that in the future, the system integration work must be good at using the network, the error first response to view the error log, and then extract the keyword GG or BD from the log, and gradually lock the root cause of the error to determine the solution. Can be freed from this painful experience, I am really grateful to the authors of these posts, if I am not inspired from here, I am afraid that this is still in the heat. Show the whole process here. On the one hand, as an ideological guide to solve such problems in the future, on the one hand, to show the technical details, I hope to help friends who encounter the same problem technical problems. Scenario 1: There is a problem. Prepare to build the Windows AD RMS test environment. The deployment documentation is found on TechNet, but the steps are tedious and there are no screenshots. At this time, in the WinOS forum found "Windows Server 2008 AD RMS actual installation and deployment" article, the document is very clear and concise, it is done step by step. Acknowledgement: First of all, thanks to the author of "Windows Server 2008 AD RMS Practical Installation and Deployment"! Everything went well, only the last mistake was made, and the uninstall was reinstalled. However, when the second installation is completed, it prompts “Active Directory Rights Management Services: The installation was successful, but there is an error”. Scenario 2: Determine the root cause of the problem and think that it is a step operation that does not pay attention to the operation error. However, after uninstalling and reinstalling N times, it is found that the problem is not so simple. Finally, an error message was found in the system log <Error>: An attempt to configure Active Directory Rights Management Server failed. The AD RMS installation cannot determine the certificate hierarchy. If the AD RMS Service Connection Point (SCP) you need to use is already registered in Active Directory but is invalid, modify it to make it valid, or create a new SCP and then install AD RMS again. ” After extracting the keyword search, another sentence in the "Windows Rights Management Service RMS Deployment Combat" gave me the inspiration "Note: If you need to delete the RMS root authentication server, you must first delete the AD. The SCP can be deleted, otherwise you will not be able to establish the root authentication server again. Is it because the original SCP service access point has not been deleted? Comparing the list of steps when I installed the AD RMS role again and the list of steps in the screenshots in the document, I found that there is indeed one step less. “Registering SCP” means that I have installed the system in addition to the first installation. Skip this step directly! It seems that there is no doubt that the root of the problem is here! Acknowledgement: Thanks to the author of "Windows Rights Management Service RMS Deployment Actual Combat", thank you for the inspiration in the article! Scenario 3: Solving the problem The root cause of the problem is found. The rest is the search solution, that is, how to delete the existing SCP in the existing AD. I quickly found the solution "How to Remove the RMS Root Authentication Server" and follow the steps to solve the problem easily. The solution is as follows: First, download the RMS Tool kit from the Microsoft website and install it; the second step is to enter the CMD mode and enter the ADScpRegister directory of the RMS ToolKit; the third step is to run ADScpRegister.exe unregisterscp. OK, you can re-install RMS! Another method: 1. Log in to your domain controller; 2. Install the Support tool (the tool is Support\\tools\\suptools.msi on the Windows installation CD); 3. Click Start & mdash; — > All Programs & mdash ;—〉Windows Support Tools——〉Command Prompt;4, enter adsiedit.msc;5, expand Configuration [*.*.COM]——〉CN=Configuration,DC=*,DC=*&mdash ;—〉CN=Services——〉CN=RightsManagementServices; 6. Delete the CN=SCP subkey; 7. Reinstall the RMS server!
Windows 7 includes a wide range of nearby driver libraries. In the basic installation of the operati
. The floppy disk has become a dusty history. I am afraid that the computer users who have not used
1. Display the week format directlyOperation steps: Click the time zone in the lower right corner of
ping belongs to a communication protocol and is part of the TCP/IP protocol. Use the “ping&rdq
Windows 7 default IE8 minimum window width height limit
Win7 prompts "Intel (R) fast storage technology is not running" What should I do?
How to clear windows 7 access records?
How to remove the CH word in front of the win7 computer input method
Win7 how to delete the .svn file
Open txt file in Win7 shows "Cannot find script file" solution
What can I do if I can't find the WordPad in the Win7 accessory?
What can I do if I can't find the dvd driver in win7 system?
Win7 system u disk is written to protect how to lift
When the computer is connected to the VPN, the error is 721. How to do
Microsoft Win8 is not good prospects? Vista nightmare is coming again?
Linux domain name resolution function gethostbyname and getaddrinfo
Is automatic update too overdone?
GHOST blue screen of death and SATA hard drive suspended death solution
How to make U disk automatically play under Win7
DNF defends the farm to fight how to play DNF defends the farm big combat game Raiders
Cannot find the solution for the logout menu in the start menu
Switching pages is faster! Maxthon's new tips explain