Our technical writer, Carol Bailey, is letting you know what’s new and hot in the docs for this month.
Dan (on behalf of the Information Protection team)
The Documentation for Azure Rights Management has been updated on the web and the latest content has a August 2016 (or later) date at the top of the article.
In addition to the Azure RMS doc updates listed below, if you’ve been following and evaluating the Azure Information Protection preview, you might be interested in these doc updates:
- Requirements and additional information for the recently announced “hold your own key” feature, which uses AD RMS to protect the small percentage of documents or emails that must use an on-premises key: Hold your own key (HYOK) requirements and restrictions for AD RMS protection.
- Additional information and examples for the variables that you can use in the headers and footers: See the Using variables in the text string section from the policy configuration documentation.
- Try some of the example conditions documented in the Information about the built-in conditions section, also from the policy configuration documentation.
We invite you to share your findings or ask questions about the preview with the Information Protection team on Yammer.
If you have feedback about the documentation for Azure RMS, the RMS sharing application, or Azure Information Protection: Email AskIPTeam@Microsoft.com. We value customer feedback and try to incorporate it whenever possible.
What’s new in the documentation for Azure Rights Management, August 2016
The following information lists the articles that have significant technical changes since the last update (July 2016). If you have problems finding information on the new publishing site, let us know and we will help you locate it while the search engines index these new pages.
– Updated the table for Android and Office Mobile for Word, Excel, PowerPoint to clarify that this is supported for Azure RMS only. This clarification is also added to the Active Directory Rights Management Services Mobile Device Extension documentation.
– Updates throughout now that Azure RMS bring you own key (BYOK) uses Azure Key Vault. Also clarified that you can move to BYOK at any time and retain access to previously protected documents and emails by using the previous, now archived key.
– Updates to procedures for when you want to manage your own tenant key (BYOK with Azure Key Vault), and the new requirements that your AD RMS servers must be in cryptographic mode 2 and running at least Windows Server 2008 R2 (Windows Server 2008 is no longer supported).
– Updated to clarify that the Full Control right is required to re-protect documents and emails.
– Updated for the new request types (KeyVaultDecryptRequest, KeyVaultGetKeyInfoRequest, KeyVaultSignDigest) now that BYOK uses Azure Key Vault.
– Updated for the latest Azure RMS PowerShell module: version 22.214.171.124. For this new version, you must uninstall any previously installed versions of the Azure Rights Management Administration Tool, and you no longer need the Microsoft Online Services Sign-In Assistant. You can use this version of the PowerShell module to connect to Azure RMS with an account that uses MFA, by using the Connect-AadrmService cmdlet without any parameters.
– Updated the automatic deployment instructions, for Office 2010 and AD RMS: Step 2 has new instructions for Windows 7, where the aadrmpep.exe /configureO2010 command must be run from within the context of the x64\win 7 or x86\win7 folder.
– New Azure RMS cmdlet for when you want to manage your own tenant key (BYOK) by using Azure Key Vault.