The Saga of Hold Your Own Key (AIP Classification with AD RMS Protection)

The Situation: Azure Information Protection (AIP) is a powerful technology for Classifying and Protecting sensitive data which was designed around the cloud based Azure RMS service for protection.  This is great for new users of Microsoft Information Protection technologies as there is less investment in on premises servers that must be maintained and secured.  However,…


AD RMS to AD RMS to Azure Information Protection Part 1

The Scenario: So, you have read my previous blog posts about AD RMS side-by-side migration and Enterprise Migration from AD RMS to AIP using SCCM but unfortunately both of those articles assume best case scenario for the original AD RMS cluster.  Sadly, that is not always the way things work.  In the real world, the…


The Enterprise Admin (unpleasant) Way to Add an AD RMS Service Connection Point

The Situation: You need to install a new AD RMS cluster in your environment because you got a nastygram from an auditor about not having your document libraries protected.  However, you have secured your environment against modern threats which means that your Enterprise Admin cannot log into one of those dirty Tier 1 servers (good…