Azure RMS Documentation Update for August 2016

First published on CloudBlogs on Aug 31, 2016

Hi everybody

Our technical writer, Carol Bailey, is letting you know what’s new and hot in the docs for this month.


Follow us on Twitter (


) and join in our peer community at


Dan (on behalf of the Information Protection team)


Documentation for Azure Rights Management

has been updated on the web and the latest content has a

August 2016

(or later) date at the top of the article.

In addition to the Azure RMS doc updates listed below, if you’ve been following and evaluating the Azure Information Protection preview, you might be interested in these doc updates:

We invite you to share your findings or ask questions about the preview with the

Information Protection team

on Yammer.

If you have feedback about the documentation for Azure RMS, the RMS sharing application, or Azure Information Protection: Email

. We value customer feedback and try to incorporate it whenever possible.

What’s new in the documentation for Azure Rights Management, August 2016

The following information lists the articles that have significant technical changes since the last update (July 2016). If you have problems finding information on the new publishing site, let us know and we will help you locate it while the search engines index these new pages.

Azure RMS requirements: Applications

– Updated the table for Android and Office Mobile for Word, Excel, PowerPoint to clarify that this is supported for Azure RMS only. This clarification is also added to the

Active Directory Rights Management Services Mobile Device Extension


Planning and implementing your Azure Rights Management tenant key

– Updates throughout now that Azure RMS bring you own key (BYOK) uses Azure Key Vault. Also clarified that you can move to BYOK at any time and retain access to previously protected documents and emails by using the previous, now archived key.

Migrating from AD RMS to Azure Rights Management

– Updates to procedures for when you want to manage your own tenant key (BYOK with Azure Key Vault), and the new requirements that your AD RMS servers must be in cryptographic mode 2 and running at least Windows Server 2008 R2 (Windows Server 2008 is no longer supported).

Configuring usage rights for Azure Rights Management

– Updated to clarify that the Full Control right is required to re-protect documents and emails.

Logging and analyzing Azure Rights Management usage

– Updated for the new request types (KeyVaultDecryptRequest, KeyVaultGetKeyInfoRequest, KeyVaultSignDigest) now that BYOK uses Azure Key Vault.

Installing Windows PowerShell for Azure Rights Management

– Updated for the latest Azure RMS PowerShell module: version For this new version, you must uninstall any previously installed versions of the Azure Rights Management Administration Tool, and you no longer need the Microsoft Online Services Sign-In Assistant. You can use this version of the PowerShell module to connect to Azure RMS with an account that uses MFA, by using the


cmdlet without any parameters.

Rights Management sharing application administrator guide

– Updated the automatic deployment instructions, for Office 2010 and AD RMS: Step 2 has new instructions for Windows 7, where the aadrmpep.exe /configureO2010 command must be run from within the context of the x64win 7 or x86win7 folder.


– New Azure RMS cmdlet for when you want to manage your own tenant key (BYOK) by using Azure Key Vault.

Source: EM+S Blog Feed

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.