Enterprise Mobility and Security Blog

RSS

Hi everybody

As per Carol’s introduction post, she's letting you know what's new and hot in the docs for this month.  And, we're celebrating a full year of bringing you these doc update announcements, that we hope help keep you better informed.

Reminders: Follow us on twitter (@TheRMSGuy) and join in our RMS peer community at www.yammer.com/AskIPTeam.

Cheers, 

   Dan (on behalf of the RMS team)


The Documentation Library for Azure Rights Management has been updated on the web and the latest content has Updated: January 1, 2015 (or later) at the top of the topic.

Summary of the documentation available: Getting Started with Rights Management | Configuring Rights Management | Using Rights Management | Administering Rights Management by using Windows PowerShell

Plus, the Rights Management sharing application guides (admin guide and user guide) and FAQs (for Windows and mobile platforms).

It's been a great way to start the year!  First, check out the latest What's New in Azure RMS (September-December) if you need a round-up or refresher for updates and changes that saw out 2014.  Tip: You might want to bookmark "What's New in Azure RMS" to see a list of all changes during 2014, as well as automatically list new ones when they become available. 

NEW!  Then, check out our new storyboarding section: Azure RMS in action: What administrators and users see. This takes you through some typical use cases for Azure RMS, with screenshots. It covers activation and templates, the RMS connector with FCI, Exchange Online and DLP, SharePoint Online and protected libraries, and the RMS sharing app with an iPad.  Although the last scenario shows users applying information protection, this section highlights the control that administrators have when they automatically apply protection with simple but powerful "set it and forget it" configurations.

UPDATES!  We then move to doc updates that support the January releases and features, changes that update the support statements, and fixes and clarifications to incorporate customer feedback.  If you provided some of this feedback, thank you for helping to improve the docs for others!

We value customer feedback and try to incorporate it when possible.  Although we can't promise to make the docs perfect for everybody, we are committed to continual improvement.  If you have any feedback about the docs for the RMS sharing application, or for Azure RMS, email AskIPTeam@Microsoft.com.

What's New for the RMS Sharing Application Documentation, January 2015

The following information lists the topics that contain significant changes since the last update (August 2014) and support the January release.

Rights Management Sharing Application for Windows

– New landing page to bring together the main links for the RMS sharing application.

Rights Management sharing application: Version release history

– New topic that lists fixes and new functionality for each release, starting with our January release.

Rights Management sharing application administration guide

– Updates include:

  • Clarifications to the Suppressing automatic updates section: Details about creating the RmsSharingApp key, if not already present, and a suggested strategy for testing new versions before an enterprise rollout.
  • A new section, AD RMS only: Support for multiple email domains within your organization: Specific to the January release, how to edit the registry if your organization uses AD RMS and has multiple email domains, perhaps as a result of mergers and acquisitions. Without this configuration and newly added support, some users might not be able to consume content that has been protected by other users in your organization.

 

What's New in the Documentation Library for Azure Rights Management, January 2015

The following information lists the topics that contain significant changes since the last update (December 2014).

What is Azure Rights Management?

– New section, Azure RMS in action: What administrators and users see, which takes you through some typical use cases for Azure RMS, with screenshots. While the outcomes show the protection enforcement, the introduction reminds you that organization always remain in control of their data (can always access it) by using the Super User feature. In addition, the Enable-AadrmSuperUserFeature and Add-AadrmSuperUser reference topics are updated to clarify that the statement "super users can decrypt any rights-protected content file and remove rights-protection for content previously protected within that organization" applies even if an expiration date has been set and expired.

RMS for Individuals and Azure Rights Management

– Updated to add the New-MsolDomain command to the instructions "To obtain an Azure Active Directory subscription and take ownership of the Azure directory" and corrected the cmdlet to verify the challenge for Get-MsolDomain.

Comparing Azure Rights Management and AD RMS

– Updated the supported migration paths for Azure Rights Management, and added departmental templates as a differentiator for Azure RMS.

Requirements for Azure Rights Management

– Updated for the following:

Terminology for Azure Rights Management

– New entry for departmental template.

Azure Rights Management Deployment Roadmap

– Updated for migration and user onboarding controls.

Migrating from AD RMS to Azure Rights Management

– New topic if you're running RMS on-premises and want to benefit from the capabilities that Azure RMS offers, while preserving access to documents and email messages that your organization protected by using AD RMS.

Planning and Implementing Your Azure Rights Management Tenant Key

– Updated to reflect new changes in the updated version of the BYOK toolset, which includes new files and updated commands.

Activating Azure Rights Management

– Updated for information and instructions for user onboarding controls, if you need a phased deployment of Azure RMS.

Configuring Custom Templates for Azure Rights Management

– Updated for departmental templates (now in Preview) and the following:

  • Added a tip if you want to specify rights for external users. You can do this with some restrictions and limitations.
  • Recommendation to test the configured rights with your applications before deploying to users (by using departmental templates), because the actual implementation of each right can vary by application.
  • Corrected the example in the Exchange Online Only subsection in the Refreshing templates for users section.

Administering Azure Rights Management by Using Windows PowerShell

– Updated for the cmdlets that support migration (Import-AadrmTpd) and user onboarding controls (Get-AadrmOnboardingControlPolicy and Set-AadrmOnboardingControlPolicy).

Azure Rights Management Cmdlets

– Updated for the new version number (2.1.0.0) and the new cmdlets that support migration and user onboarding controls.  In addition:

  • The cmdlets for templates are updated for configuring departmental templates (the parameters EnableInLegacyApps and ScopedIdentities were previously unsupported).
  • The Connect-AadrmService cmdlet description is updated to clarify which accounts qualify as an Azure RMS tenant administrator for when you are prompted for credentials.

Frequently Asked Questions for Azure Rights Management

– New entries:

  • Can I control which of my users can use Azure RMS to protect content?
  • When will you support migration from AD RMS?