Resolved error setting up IRM for SharePoint 2007
Was working on a proof of concept today and ran across an interesting error when trying to get the MOSS server to talk to RMS. Since this is just in a lab, the MOSS central administration web app pool was running as Network Service. When I chose to specify the RMS server, the error was that it was found, but that the local machine account did not have access. Turns out, you need to set a few permissions on one of the asmx web service files on the RMS server. In my case the RMS Server was on a domain controller- installed with the default options. To solve the problem, I simply went to c:\inetpub\wwwroot\_wmcs\certification and modified the permissions of ServerCertification.asmx. I added the computer account of the MOSS server, and the app pool identity of my other web applications, as well as the AD RMS Service Group. That fixed it. Here is another post that has some pretty pictures and more explanation: