Information Rights Management (IRM) is enabled by default for internal messages in Exchange 2010. This allows you to create transport protection rules and Microsoft Outlook protection rules to IRM-protect messages in transport and on Microsoft Outlook 2010 clients. Enabling IRM for internal messages is a prerequisite for all other IRM features in Exchange 2010, such as transport decryption, journal rule decryption, IRM in Microsoft Office Outlook Web App, and IRM in Microsoft Exchange ActiveSync.

As the Exchange administrator, it is your responsibility to provide this level of automatic protection to all email messages that pass through the Exchange organization. You need to create a transport rule that complies with this corporate policy.

I have tried to Configure a Transport Rule to Provide RMS Protection to Email Messages Using a Built-in Template in Microsoft virtual lab environment. I have took a note of it to help others to understand it more clearly and to help them to implement it:

The discussion includes the steps like Enabling the IRM Licensing, creation of the transport rule and testing it how it would be using Outlook 2010.

1. Enable IRM licensing for internal messages

Use the cmdlet: Set-IRMConfiguration -InternalLicensingEnabled $true

Note: There is no output after running this command.

Use the cmdlet Get-IRMConfiguration to review the IRM configuration settings and verify that InternalLicensingEnabledis set to true as shown in the given screenshot.

2. Create the transport rule that applies the Do Not Forward RMS template

In Organization Configuration, click Hub Transport. In the Actions pane, click New Transport Rule.

Give a proper rule name and proceed to the Conditions page. Under Step 1: Select condition(s),

when an attachment’s content contains words check box as given below and give the word under observation.

Also select the rights protect message with RMS template check box as below:

Under Step 2: Edit the rule description by clicking an underlined value, click RMS template.

In the Select RMS template window, Select Do Not Forward, and then click OK

No changes are required on the Exceptions page, click Next.

On the Create Rule page, review the rule settings, and then click New as below.

3. Create and send a new email message with an attachment with monitored word

To test the rule, I have sent an email message with an excel document attached with it. The excel has been prepared with the word under monitoring in transport rules.

4: Verify that the transport rule was applied to the message

Open the sent email from the inbox in a new window

Wait while Outlook configures Information Rights Management. You can see the screenshot as below:

You will notice the information along withthe message as in the below screenshot to describe the IRM

 

In the Ribbon bar, notice that the Forward message option has been disabled.

Click Reply and review the Note in the message body.

Highlight the text Here is the status report, and then right-click the text. Notice how the Copy and Cut options have been disabled.

In the Message, click the File tab. Notice that the Save As, Save Attachment and Print options have been disabled.

In conclusion, we can find that the IRM has been applied successfully. Hope the post will help you out while configuring IRM for your organization.

3 Comments


  1. Good job miakng it appear easy.

    Reply
  2. Farooq

    In Exchange 2013 when I put this command I get license error

    Reply

    • Hi Farooq, this has been prepared for Exchange 2010. So, there may have slight changes when you follow it for 2013. Anyway, let me know the exact error you are experiencing so that I can have a look and solve that

      Thanks,
      Manu

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Protected by WP Anti Spam