![]() To continue this post I have included information and configuration steps around Azure RMS and IRM in Office 365. As the move to O365 continues we need to know what we can and cannot do to protect our data. I don’t believe this is a common scenario but I believe this is an important use case to know as I could not find this unsupported scenario documented anywhere. Basically that external user was granted permission in SharePoint Online but that permission does not pass through to Azure RMS unless they use an O365 account. It fails because no Org ID actually is given permission (the permission is given to the Live ID). Then Office explicitly looks for an Org ID token that has right to open it, which is by design. When Office client opens the document, it needs to connect to the Azure RMS server using an Org ID. The reason that this is happening is because when a Live ID (non-O365 user) downloads a document from a SharePoint Online (SPO) protected library, SPO protects the doc with IRM by giving permission to your Live ID. The only way to allow that external user to access the document is to change permission directly on the document itself using the “Change Permission” option in the yellow notification bar in the full Word client. You can request updated permissions from ” No matter what you choose here you will never be able to access the document. If that document is downloaded and then opened the user will receive and error stating “You do not have credentials that allow you to open this document. It can be viewed in the browser and the IRM policy can be viewed as working. Test Document 1 is in an IRM protected library and shared with an account. If a standard Live ID is used the document will be able only be able to be viewed in the browser. I have confirmed this scenario with Microsoft as being unsupported. What I found out was that:Īn IRM protected document that is shared to an external user, will not be able to be viewed after it is downloaded, unless they used an Office 365 ID to access the document. The situation revolved around a document that had an IRM policy applied to it and was shared with an external user. I can fix the issue from the “Fix It” option.I have began working with IRM policies in Office 365 more often recently and ran into a situation that surprised me. In our example, I’ve some issue with RMS requirement Once installed the RMS analyze tool we can perform few actions and first we start with the Azure RMS User Restores the RMS client to the default state.Installs missing Azure RMS prerequisites.The RMS analyze tool can perform remediation on the client machine with the following actions: Azure RMS prerequisites (required hotfixes, registry key settings, Microsoft Online Sign-in Assistant, etc.).Azure RMS certification, licensing, and pre-licensing functionality.Office 2010, 2013, and 2016 registry settings.The RMS Diagnostic tests that check the following settings: The RMS Analyzer can be used to check the settings, configuration, and health of your Azure RMS infrastructure and the client applications that use RMS. In the next series of articles, we will understand how to troubleshoot and resolve common and special issues that can occur when working with Azure Information Protection.Īzure RMS Analyzer Tool is a small but useful tool that can help you in solving your problem by analyzing your work against the Azure AIP service.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |