Jason Tyler, the customer support guy for AD RMS, helped me troubleshoot an issue I was having today with the AD RMS UserActivation sample in the Windows SDK.

I was trying to activate a user I had created on the domain controller. I logged in to the client computer (running Vista) as this new user, compiled the UserActivation sample, and then browsed to the folder containing useractivation.exe. To run the .exe, you have to enter a command like the following: useractivation -U myuser@mydomain.local

Anyhow, when I tried it, I kept getting the following error: E_DRM_AD_ENTRY_NOT_FOUND - 0x8004CF5D

We tried to remove and add the user on the domain controller, but still had the same error. After quite a bit of troubleshooting, we looked in the logs and found that the activation request was being sent as administrator@mydomain.com instead of the user I wanted to activate, which was devguy@mydomain.com. Jason then realized that the command prompt I was using was the CMD Shell prompt. When we switched to the "regular" command prompt, everything worked.

Note: You can view the AD RMS logs at the following path on the AD RMS server: <disk letter>:\inetpub\logs\LogFiles\W3SVC1