| Event Id | 218 |
| Source | Active Directory Rights Management Services |
| Description | The authentication data is not valid for the remote server. |
| Event Information | According to Microsoft : Cause : This event is logged when the authentication data is not valid for the remote server. Resolution : Check AD RMS service account permissions and change AD RMS proxy settings Use the following sections to add the AD RMS service account to the appropriate group and change the AD RMS proxy settings. Add the AD RMS service account to the AD RMS Service Account group To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority. To add a user account to the AD RMS service account group: 1.Click Start, point toAdministrative Tools, and then clickComputer Management. 2.ExpandLocal Users and Groups, and then clickGroups.3.Right-clickAD RMS Service Account, and then clickAdd to Group. 4.Click Add. 5.In theSelect Users, Computers, or Groups dialog box, type a name for the user account, and then clickOK two times. Change the AD RMS proxy settings To perform this procedure, you must be a member of the local AD RMS Enterprise Administrators group, or you must have been delegated the appropriate authority. To change the AD RMS proxy settings: 1.Open the Active Directory Rights Management Services console. ClickStart, point toAdministrative Tools, and then clickActive Directory Rights Management Services. 2.Right-click the AD RMS cluster, and then clickProperties. 3.Click theProxy Settings tab. 4.Select theThis cluster uses a proxy server to access external networks check box. 5.In the Address box, type the IP address or DNS name of the proxy server that you want to use. 6.In the Port box, type the port number that the proxy server uses to connect to the Internet.If you do not use the proxy server to connect to local resources, select theBypass proxy server for local addresses check box. 7.If appropriate, select the This proxy server requires authentication check box. 8.InAuthentication type, choose the appropriate authentication type from the list:Basic, Digest, orIntegrated Windows. 9.In User name, type the user name that should be supplied in response to the challenge from the proxy server. 10.In Password, type the password that should be supplied in response to the challenge from the proxy server. 13.Click OK. Verify : AD RMS allows the user to apply rights-protection to a document and specify a Windows Live ID user to consume the content. Use the first procedure, "Ensure that the AD RMS cluster can contact the Windows Live ID service," to ensure that the AD RMS cluster can access the Internet to establish this trust policy. To perform these procedures, you must be a member of the local Users group, or you must have been delegated the appropriate authority. Ensure that the AD RMS cluster can contact the Windows Live ID service To ensure that the AD RMS cluster can contact the Windows Live ID service: 1.Log on to the AD RMS server as the AD RMS service account. 2.ClickStart, point to All Programs, and then click Internet Explorer. 3.In the address bar, type http://certification.drm.microsoft.com, and then type ENTER. Check for connectivity to the Microsoft Activation service. To check for connectivity to the Microsoft Activation Service: 1.Log on to a client computer. 2.ClickStart, clickAll Programs, and then clickInternet Explorer. 3.In the address bar, type https://activation.drm.microsoft.com/activation/activation.asmx, and then press ENTER.If the URL resolves to a Web page with the title ActivationWebService Web Service, the activation URL is operating correctly. Ensure that the AD RMS cluster is available on the network To ensure that the AD RMS cluster is available on the network: 1.Log on to an AD RMS-enabled client computer. 2.ClickStart, point toAll Programs, point toMicrosoft Office, and then clickMicrosoft Office Word 2007. 3.In the new document typeThis is a test document. 4.Click theMicrosoft Office Start Button, point to Prepare, point toRestrict Permissions, and then clickRestricted Access. 5.Select theRestrict permissions to this document check box. 6.Type another AD RMS user's e-mail address in the Read box, and then click OK. 7.Send this file to the person who was granted access in step 6. 8.Have this person open the document and verify that he or she cannot do anything else with the document such as print it. |
| Reference Links | Event ID 218 from Source Active Directory Rights Management Services |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.