First published on CloudBlogs on Aug 31, 2016
Our technical writer, Carol Bailey, is letting you know what’s new and hot in the docs for this month.
Follow us on Twitter (
) and join in our peer community at
Dan (on behalf of the Information Protection team)
Documentation for Azure Rights Management
has been updated on the web and the latest content has a
(or later) date at the top of the article.
In addition to the Azure RMS doc updates listed below, if you’ve been following and evaluating the Azure Information Protection preview, you might be interested in these doc updates:
Requirements and additional information for the
“hold your own key” feature, which uses AD RMS to protect the small percentage of documents or emails that must use an on-premises key:
Hold your own key (HYOK) requirements and restrictions for AD RMS protection
Additional information and examples for the variables that you can use in the headers and footers: See the
Using variables in the text string
section from the policy configuration documentation.
Try some of the example conditions documented in the
Information about the built-in conditions
section, also from the policy configuration documentation.
We invite you to share your findings or ask questions about the preview with the
Information Protection team
If you have feedback about the documentation for Azure RMS, the RMS sharing application, or Azure Information Protection: Email
. We value customer feedback and try to incorporate it whenever possible.
What’s new in the documentation for Azure Rights Management, August 2016
The following information lists the articles that have significant technical changes since the last update (July 2016). If you have problems finding information on the new publishing site, let us know and we will help you locate it while the search engines index these new pages.
Azure RMS requirements: Applications
– Updated the table for Android and Office Mobile for Word, Excel, PowerPoint to clarify that this is supported for Azure RMS only. This clarification is also added to the
Active Directory Rights Management Services Mobile Device Extension
Planning and implementing your Azure Rights Management tenant key
– Updates throughout now that Azure RMS bring you own key (BYOK) uses Azure Key Vault. Also clarified that you can move to BYOK at any time and retain access to previously protected documents and emails by using the previous, now archived key.
Migrating from AD RMS to Azure Rights Management
– Updates to procedures for when you want to manage your own tenant key (BYOK with Azure Key Vault), and the new requirements that your AD RMS servers must be in cryptographic mode 2 and running at least Windows Server 2008 R2 (Windows Server 2008 is no longer supported).
Configuring usage rights for Azure Rights Management
– Updated to clarify that the Full Control right is required to re-protect documents and emails.
Logging and analyzing Azure Rights Management usage
– Updated for the new request types (KeyVaultDecryptRequest, KeyVaultGetKeyInfoRequest, KeyVaultSignDigest) now that BYOK uses Azure Key Vault.
Installing Windows PowerShell for Azure Rights Management
– Updated for the latest Azure RMS PowerShell module: version 220.127.116.11. For this new version, you must uninstall any previously installed versions of the Azure Rights Management Administration Tool, and you no longer need the Microsoft Online Services Sign-In Assistant. You can use this version of the PowerShell module to connect to Azure RMS with an account that uses MFA, by using the
cmdlet without any parameters.
Rights Management sharing application administrator guide
– Updated the automatic deployment instructions, for Office 2010 and AD RMS: Step 2 has new instructions for Windows 7, where the aadrmpep.exe /configureO2010 command must be run from within the context of the x64win 7 or x86win7 folder.
– New Azure RMS cmdlet for when you want to manage your own tenant key (BYOK) by using Azure Key Vault.
Source: EM+S Blog Feed