从FSRM任务 - 2012R2运行时出现AD RMS PowerShell错误

时间:2017-05-16 16:48:25

标签: powershell rms

尝试运行FCI PowerShell脚本时遇到问题。见下面的错误。

我创建了一个基本上只包含Protect-RMSFile cmdlet的脚本的精简版本,并获得与上面相同的错误。这适用于ADRMS内部部署。当我从File Server Resource Manager>运行任务时File Management Tasks> [Task]> Run File Management Task Now,调试日志显示错误。我将任务作为本地系统运行。我读过可能需要复制到各种文件夹的一些ipsec * DLL,并且这样做了。

如果我直接从PowerShell运行Protect-RMSFile,它会完美执行并按预期保护文件。如果同一命令作为文件管理任务运行,则会出错。 

[2017-05-16T08:53:44.5232269-07:00] [INFORMATIONAL] [214] Logging location : C:\Users\Default\AppData\Local\Microsoft\MSIPC\pscmdlet\Logs\debug.log ["C:\\Users\\Default\\AppData\\Local\\Microsoft\\MSIPC\\pscmdlet\\Logs\\debug.log"]
[2017-05-16T08:53:44.6638518-07:00] [INFORMATIONAL] [215] Working directory : C:\Windows\TEMP\RMSProtection\4o1gco3x.xjl ["C:\\Windows\\TEMP\\RMSProtection\\4o1gco3x.xjl"]
[2017-05-16T08:53:44.6638518-07:00] [VERBOSE] [401] Calling IpcInitialize... ["Calling IpcInitialize..."]
[2017-05-16T08:53:44.6638518-07:00] [VERBOSE] [401] Calling IpcSetStoreName... ["Calling IpcSetStoreName..."]
[2017-05-16T08:53:44.6638518-07:00] [VERBOSE] [401] IpcSetStoreName successful... ["IpcSetStoreName successful..."]
[2017-05-16T08:53:44.6638518-07:00] [VERBOSE] [401] IpcInitialize successful ["IpcInitialize successful"]
[2017-05-16T08:53:44.6638518-07:00] [VERBOSE] [401] +IpcSetApplicationId ["+IpcSetApplicationId"]
[2017-05-16T08:53:44.6638518-07:00] [VERBOSE] [401] +IpcSetApplicationId ["+IpcSetApplicationId"]
[2017-05-16T08:53:44.6638518-07:00] [VERBOSE] [401] Client mode already initialized ["Client mode already initialized"]
[2017-05-16T08:53:44.6794764-07:00] [INFORMATIONAL] [301] Starting Protection Version : 2.0.0.0 ["Protection","2.0.0.0","2017-05-16 15:53:44Z"]
[2017-05-16T08:53:44.6794764-07:00] [VERBOSE] [401] Starting 2.0.0.0 Version : 2017-05-16 15:53:44Z ["Starting 2.0.0.0 Version : 2017-05-16 15:53:44Z"]
[2017-05-16T08:53:44.6794764-07:00] [INFORMATIONAL] [212] Component : 'File1-415e47b19d2b.pdf' moved from 'New' to 'Protected' ["File1-415e47b19d2b.pdf","New","Protected"]
[2017-05-16T08:53:44.6794764-07:00] [VERBOSE] [204] Protecting : File1-415e47b19d2b.pdf ["File1-415e47b19d2b.pdf"]
[2017-05-16T08:53:44.6794764-07:00] [VERBOSE] [205] Encrypting : C:\PROTECTED\2\OUTPUT\File1-415e47b19d2b.pdf ["C:\\PROTECTED\\2\\OUTPUT\\File1-415e47b19d2b.pdf"]
[2017-05-16T08:53:44.6794764-07:00] [VERBOSE] [401] Calling IpcfEncryptFile ["Calling IpcfEncryptFile"]
[2017-05-16T08:53:44.6951020-07:00] [VERBOSE] [401] Calling IpcCreateLicenseFromTemplateId... ["Calling IpcCreateLicenseFromTemplateId..."]
[2017-05-16T08:53:44.7263515-07:00] [INFORMATIONAL] [212] Component : 'File1-415e47b19d2b.pdf' moved from 'Protected' to 'Errored' ["File1-415e47b19d2b.pdf","Protected","Errored"]
[2017-05-16T08:53:45.0232260-07:00] [ERROR] [504] Error protecting File1-415e47b19d2b.pdf with error: The system cannot find the file specified. HRESULT: 0x80070002
at Microsoft.InformationProtectionAndControl.SafeNativeMethods.ThrowOnErrorCode(Int32 hrError)
at Microsoft.InformationProtectionAndControl.SafeNativeMethods.IpcCreateLicenseFromTemplateId(String templateId)
at RMSProtection.Core.Protection.FileProtection.BuildLicense(FileProtectionConfig config)
at RMSProtection.Core.Protection.FileProtection.<>c__DisplayClass3.<Protect>b__1()
at RMSProtection.Core.Protection.FileProtection.EncryptFile(Func`1 action, FileSystemInfo sourceFile)
at RMSProtection.Core.Protection.Protector.ProtectFile(Component component, FileSystemInfo file, FileProtectionConfig options)
at RMSProtection.Core.Protection.Protector.Protect(Component component, FileProtectionConfig options) ["File1-415e47b19d2b.pdf","The system cannot find the file specified. HRESULT: 0x80070002","   at Microsoft.InformationProtectionAndControl.SafeNativeMethods.ThrowOnErrorCode(Int32 hrError)\r\n   at Microsoft.InformationProtectionAndControl.SafeNativeMethods.IpcCreateLicenseFromTemplateId(String templateId)\r\n   at RMSProtection.Core.Protection.FileProtection.BuildLicense(FileProtectionConfig config)\r\n   at RMSProtection.Core.Protection.FileProtection.<>c__DisplayClass3.<Protect>b__1()\r\n   at RMSProtection.Core.Protection.FileProtection.EncryptFile(Func`1 action, FileSystemInfo sourceFile)\r\n   at RMSProtection.Core.Protection.Protector.ProtectFile(Component component, FileSystemInfo file, FileProtectionConfig options)\r\n   at RMSProtection.Core.Protection.Protector.Protect(Component component, FileProtectionConfig options)"]
[2017-05-16T08:53:45.0232260-07:00] [LOGALWAYS] [602] Id : 1, Type : FileLeaf, Description : File1-415e47b19d2b.pdf, Location : File1-415e47b19d2b.pdf, TempFilePath: C:\PROTECTED\2\OUTPUT\File1-415e47b19d2b.pdf, Error : Failed to protect ["1","FileLeaf","File1-415e47b19d2b.pdf","File1-415e47b19d2b.pdf","C:\\PROTECTED\\2\\OUTPUT\\File1-415e47b19d2b.pdf","Failed to protect"]
[2017-05-16T08:53:45.0232260-07:00] [VERBOSE] [401] 1 ["1"]
[2017-05-16T08:53:45.0232260-07:00] [INFORMATIONAL] [302] Completed Protection after '0:00:00.3480937', successfully completed processing of 0 of 1 items, failed processing 1 of 1 ["Protection","0:00:00.3480937",0,1,1]

1 个答案:

答案 0 :(得分:0)

这不适用于AD RMS。错误“系统找不到指定的文件”涉及缺少的RMS策略模板文件。 FSRM任务作为本地系统,本地服务或网络服务运行 - 根据MSIPC客户端无法根据预期使用AD RMS策略模板来引导这些帐户。

以下是我的建议: - 使用最新AIP预览客户端的AIP Powershell cmdlet - 查看“IntegratedAuth”功能(目前仅预览)https://docs.microsoft.com/en-us/powershell/module/azureinformationprotection/Set-RMSServerAuthentication?view=azureipps。这应该在服务器模式下运行命令(作为计算机帐户,必须在每个AD RMS服务器上的ServerCertification.asmx上授权)

相关问题
最新问题