Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
A client request includes a publishing license that is not trusted. The following information was reported: Microsoft.DigitalRightsManagement.Licensing.UntrustedRightsLabelException: The publishing license was not issued by a trusted source.
at Microsoft.DigitalRightsManagement.Licensing.LicensePipeline.ValidateSignedRightsLabel(SignedRightsLabelDocument oSignedRightsLabel Boolean fSuperUser)
at Microsoft.DigitalRightsManagement.Licensing.LicensePipeline.GenerateEUL(PersonaCertificate oPersonaCert SignedRightsLabelDocument signedRightsLabel String Ticket IDrmsPropertyBag propertyBag)
at Microsoft.DigitalRightsManagement.Licensing.LicensePipeline.PipelineAcquireLicense(AcquireLicenseParams RequestParams HttpRequest request IIdentity userIdentity).
|English: Request a translation of the event description in plain English.|
From a newsgroup post: "If you re-provisioned your RMS server, then I suspect the user that sent the email still has a publishing license that was signed by the original instance of RMS. The new instance of RMS will not be able to provide use licenses for content protected by those legacy credentials (unless you import the old key material as a "trusted publishing domain"). This is only possible if you exported/backed up the key material before you re-provisioned.
You should make sure that any clients that received credentials (RACs and CLCs) from the legacy RMS server remove those credentials and get new ones from the current RMS server; otherwise, you will keep having this problem. The RACs are valid for a year, and the CLCs do not expire, so the clients will merrily continue to use them as long as they are there on their systems.
Clients can remove their old credentials by opening an RMS enabled app (like Word 2003), selecting File -> Permission -> Restrict Permission As, selecting their email address and clicking "Remove". The next time they try to use an RMS function, they will automatically go get a new set of credentials from the new server".
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated