Office 2013 and AD RMS "the user has not been authenticated”
Symptoms:
When attempting to protect a document or open a protected document with Office 2013 you get the error:
“Sorry, something went wrong opening Information Rights Management protected content. The operation being requested was not performed because the user has not been authenticated”
This might occur if you have a self-signed certificate for your ADRMS server, and that self-signed certificates has the NetBIOS name of the actual ADRMS server name as subject name, but has a different URL for the various pipelines.
On the AD RMS server you will see no attempt to connect.
If you enable client side MSIPC tracing you will see several failures with a return code of:
0x8004020D stands for IPCERROR_NEEDS_ONLINE
Solution:
Install a CA and use a certificate that has the alternate subject names included.
More Information:
Office 2013 is using winhttp instead of wininet again, and therefore simply fails silently and not prompting you for the override of the SSL check. As Office 2013 is checking SSL certificates more strict than older versions, this is the outcome. The error message is misleading.