Azure RMS: Office 365 for Mac "You do not have permission to open this message"

Been running into new issues within the Azure RMS support realm and we wanted to share out some scenarios that seem to show uncommon results.

Was asked about an error that was occurring with the Office 365 suite on a OSX platform: " You do not have permissions to open this message".

The build on this environment was as follows:

• Microsoft Outlook for Mac (Version 15.28)

  • How to update office for OSX (https://support.office.com/en-us/article/Check-for-Office-for-Mac-updates-automatically-bfd1e497-c24d-4754-92ab-910a4074d7c1?ui=en-US&rs=en-US&ad=US&fromAR=1)

• MacOS 10.11 “El Capitan”

The error was reproduced when opening any Azure RMS encrypted messages while on the OSX platform. When using Outlook web client (OWA), the user was able to open up any RMS encrypted emails or files.

Another scenario that was working, was if the user was logged into a Windows platform ( Example: Windows 10 ), he was able to open the RMS encrypted messages within his O365 suite.

After some troubleshooting, we discovered that all of the templates inside Azure RMS were "archived" or the O365 user was not in added to any published template scopes.

How to view templates through PowerShell:

1. Download the Azure RMS PowerShell module
   1. http://www.microsoft.com/en-us/download/details.aspx?id=30339
2. Connect-AadrmService
3. $templates = Get-AadrmTemplate
4. Run " foreach ($template in $templates) {Get-AadrmTemplateProperty -TemplateId $template.TemplateId -Name -RightsDefinitions -ScopedIdentities  -ReadOnly -Status | ft} "