Skip to content

Enterprise Mobility + Security


Hi everybody

Our technical writer, Carol Bailey, is letting you know what’s new and hot in the docs for this month.

Reminders: Follow us on Twitter (@TheRMSGuy) and join in our peer community at www.yammer.com/AskIPTeam.

   Dan (on behalf of the Information Protection team)


The Documentation for Azure Rights Management has been updated on the web and the latest content has a August 2016 (or later) date at the top of the article.

In addition to the Azure RMS doc updates listed below, if you’ve been following and evaluating the Azure Information Protection preview, you might be interested in these doc updates:

We invite you to share your findings or ask questions about the preview with the Information Protection team on Yammer.

If you have feedback about the documentation for Azure RMS, the RMS sharing application, or Azure Information Protection: Email AskIPTeam@Microsoft.com. We value customer feedback and try to incorporate it whenever possible.

 

What’s new in the documentation for Azure Rights Management, August 2016

The following information lists the articles that have significant technical changes since the last update (July 2016). If you have problems finding information on the new publishing site, let us know and we will help you locate it while the search engines index these new pages.

Azure RMS requirements: Applications

– Updated the table for Android and Office Mobile for Word, Excel, PowerPoint to clarify that this is supported for Azure RMS only. This clarification is also added to the Active Directory Rights Management Services Mobile Device Extension documentation.

Planning and implementing your Azure Rights Management tenant key

– Updates throughout now that Azure RMS bring you own key (BYOK) uses Azure Key Vault. Also clarified that you can move to BYOK at any time and retain access to previously protected documents and emails by using the previous, now archived key.

Migrating from AD RMS to Azure Rights Management

– Updates to procedures for when you want to manage your own tenant key (BYOK with Azure Key Vault), and the new requirements that your AD RMS servers must be in cryptographic mode 2 and running at least Windows Server 2008 R2 (Windows Server 2008 is no longer supported).

Configuring usage rights for Azure Rights Management

– Updated to clarify that the Full Control right is required to re-protect documents and emails.

Logging and analyzing Azure Rights Management usage

– Updated for the new request types (KeyVaultDecryptRequest, KeyVaultGetKeyInfoRequest, KeyVaultSignDigest) now that BYOK uses Azure Key Vault.

Installing Windows PowerShell for Azure Rights Management

– Updated for the latest Azure RMS PowerShell module: version 2.5.0.0. For this new version, you must uninstall any previously installed versions of the Azure Rights Management Administration Tool, and you no longer need the Microsoft Online Services Sign-In Assistant. You can use this version of the PowerShell module to connect to Azure RMS with an account that uses MFA, by using the Connect-AadrmService cmdlet without any parameters.

Rights Management sharing application administrator guide

– Updated the automatic deployment instructions, for Office 2010 and AD RMS: Step 2 has new instructions for Windows 7, where the aadrmpep.exe /configureO2010 command must be run from within the context of the x64\win 7 or x86\win7 folder.

Use-AadrmKeyVaultKey

– New Azure RMS cmdlet for when you want to manage your own tenant key (BYOK) by using Azure Key Vault.