Setting up Microsoft Azure Rights Management with Office 365 Message Encryption

 

Today I am going to talk about a new feature which Office 365 team has introduced and that is “Office 365 Message Encryption”.

https://technet.microsoft.com/en-us/library/dn569286.aspx

Office 365 Message Encryption depends on Microsoft Azure Rights Management (previously known as Windows Azure Active Directory Rights Management). To use this encryption service, you must have an Office 365 organization that includes an Exchange Online or Exchange Online Protection subscription that, which in turn, includes an Azure Rights Management subscription.

clip_image001

https://office.microsoft.com/en-us/business/office-365-enterprise-e3-business-software-FX103030346.aspx

Office 365 Enterprise E3 includes:

clip_image002

So when creating a transport rule for message encryption, we may receive the following error.

clip_image004

You can't create a rule containing the ApplyOME or RemoveOME action because IRM licensing is disabled

After doing some research found out that this was because for IRM the internal licensing was not enabled.

Please refer to the below given TechNet article that would help us understand and enable the internal licensing for the IRM.

Note: Follow all the six steps in the article mentioned below.

https://technet.microsoft.com/en-us/library/dn569291.aspx

Also on how to connect to Exchange Online, we can use any PowerShell tool from any machine and connect as mentioned in the article below.

https://technet.microsoft.com/en-us/library/jj984289(v=exchg.150).aspx

Author:

Kaustubh Dwivedi
Microsoft Security Support Engineer

Reviewer:

NITIN SINGH
Microsoft Security Support Escalation Engineer