AD RMS - Unable to connect using cluster name (AD RMS console)
Symptom(s):
- Attempting to connect to the AD RMS cluster name in the Active Directory Rights Management Services Console results in the following error:
- The following Active Directory Rights Management Services dialog may appear.
A connection with the AD RMS cluster "rms.contoso.com" could not be established because of the following reason:
The request failed with HTTP status 401: Unauthorized.
Ensure that your connection is the correct protocol, such as HTTP or HTTPS, and that the port number is correct. - Attempting at access https://rms.contoso.com/_wmcs/licensing/license.asmx from the RMS server results in several logon prompts then the HTTP Error 401.1.
Cause: By default the server cannot connect to itself using a non-host name.
Resolution: Enable the following registry settings on the RMS server and reboot.
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters
Name: DisableStrictNameChecking
Type: DWORD
Value: 1 - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Name: DisableLoopbackCheck
Type: DWORD
Value: 1
Addition information on DisableStrictNameChecking & DisableLoopbackCheck: KB 926642