Azure Information Protection Documentation Update for October 2016

First published on CloudBlogs on Oct 31, 2016
Hi everybody Our technical writer, Carol Bailey, is letting you know what’s new and hot in the docs for this month. Happy Halloween! Reminders: Follow us on Twitter ( http://twitter.com/TheRMSGuy ) and join in our peer community at http://www.yammer.com/AskIPTeam . Dan (on behalf of the Information Protection team) The https://docs.microsoft.com/en-us/information-protection/ (formerly Azure Rights Management) has been updated on the web and the latest content has an October 2016 (or later) date at the top of the article. In addition to the doc updates listed below, the https://msdn.microsoft.com/library/azure/mt433195.aspx is also updated for a recent release of the RMS Protection Tool (version 2.2.0.0 of the PowerShell module, now on the https://www.microsoft.com/en-us/download/details.aspx?id=47256 ). I'm happy to report that most of the doc updates were for removing limitations that were documented for the previous version: You can now unprotect protected voice mails (Unified Messaging), unprotect .eml files, and there's no longer a dependency on Microsoft Outlook when you unprotect .pst files. This new version also gives you more control for retaining the original file, with a new -InPlace parameter. When you specify this parameter with Protect-RMSFile or Unprotect-RMSFile, the existing file is overwritten if you do not specify an output folder. In previous versions that didn't have this parameter, this was the default behavior, which meant you might accidentally overwrite the original file. Now, you have to specify a parameter before the original file is overwritten. However, to retain the same behavior as before, you might need to add the -InPlace parameter to your commands and scripts. This change, including all the examples, is updated through the documentation and is noted on the main page as a breaking change for this version. There are additional improvements in this version, which include performance and support for inline pictures and documents in emails. You can read more information about this new version from Tom Moser on the Azure Information Protection Yammer site: https://www.yammer.com/askipteam/#/Threads/show?threadId=788241505 One more new release that's worth noting with some updates to the documentation is the Azure Information Protection client. You can read more about this new version from Eyal Manor, also on the Azure Information Protection Yammer site: https://www.yammer.com/askipteam/#/Threads/show?threadId=790002128 With so many releases, new features, better integration support, and exciting improvements on the horizon, it can be challenging to keep up. If you weren't able to get to https://ignite.microsoft.com/ which had lots of great sessions for Azure Information Protection, you can catch up by viewing the on-demand sessions that are now added to the Resources section of https://docs.microsoft.com/en-us/information-protection/understand-explore/what-is-information-protection but also included here, for convenience:

• https://myignite.microsoft.com/videos?q=BRK2127
• https://myignite.microsoft.com/videos?q=THR2107
• https://myignite.microsoft.com/videos?q=THR2108
• https://myignite.microsoft.com/videos?q=BRK3095
• https://myignite.microsoft.com/videos?q=BRK2128

For feedback about the documentation for the RMS Protection tool and Azure Information Protection: Email mailto:askipteam@microsoft.com?subject=Documentation%20feedback . We value customer feedback and try to incorporate it whenever possible.

What's new in the documentation for Azure Information Protection, October 2016

https://docs.microsoft.com/en-us/information-protection/understand-explore/what-is-information-protection - Updated the https://docs.microsoft.com/en-us/information-protection/understand-explore/what-is-information-protection#resources-for-azure-information-protection section, with links to the GA announcement, Enterprise Mobility + Security E5 free trial, and the Microsoft Ignite 2016 on-demand sessions for Azure Information Protection. https://docs.microsoft.com/en-us/information-protection/get-started/faqs-infoprotect - New entry about the difference features supported for the Azure Information Protection Premium subscriptions: https://docs.microsoft.com/en-us/information-protection/get-started/faqs-infoprotect#which-options-in-the-azure-portal-are-p1-or-p2 https://docs.microsoft.com/en-us/information-protection/get-started/faqs-rms - New entry about revocation and the use license: https://docs.microsoft.com/en-us/information-protection/get-started/faqs-rms#when-i-test-revocation-in-the-document-tracking-site-i-see-a-message-that-says-people-can-still-access-the-document-for-up-to-30-daysis-this-time-period-configurable https://docs.microsoft.com/en-us/information-protection/get-started/requirements-azure-rms - Updated the Azure Active Directory section for the statement that forms-based authentication is not supported for federated accounts. A similar update is added to the https://technet.microsoft.com/library/dn673574.aspx article. https://docs.microsoft.com/en-us/information-protection/get-started/requirements-applications - Removed the .pfile support for the Azure Information Protection app for iOS and Android. This file type is not support by this app and similar updates have been made in the https://technet.microsoft.com/library/dn673574.aspx article and the https://docs.microsoft.com/en-us/information-protection/rms-client/mobile-app-faq page for users. https://docs.microsoft.com/en-us/information-protection/plan-design/migrate-from-ad-rms-to-azure-rms - Added a new section, https://docs.microsoft.com/en-us/information-protection/plan-design/migrate-from-ad-rms-to-azure-rms#recommended-reading-before-you-migrate-to-azure-information-protection . Although you don't need to know this background information to successfully migrate from AD RMS, we found many customers who were migrating ask questions that were covered by these recommended documentation links. Having a better understanding of how things work can also help you make better decisions, and result in more efficient troubleshooting. https://docs.microsoft.com/en-us/information-protection/plan-design/migrate-from-ad-rms-phase2 - Added information that you might need to include the port number 443 when you edit the redirection script (Redirect_OnPrem.cmd) to point to your new Azure Information Protection tenant. This additional value is most likely required if you upgraded from Windows Rights Management Services, but you can confirm by checking the Cluster Details in the Active Directory Rights Management Services console. https://docs.microsoft.com/en-us/information-protection/plan-design/byok-price-restrictions - Added a new section, https://docs.microsoft.com/en-us/information-protection/plan-design/byok-price-restrictions#benefits-of-using-azure-key-vault . Although Azure Key Vault is now a requirement if you want to manage your own tenant key for Azure Information Protection (the "bring your own key", or BYOK configuration), this Azure service provides many benefits that you might not be familiar with. https://docs.microsoft.com/en-us/information-protection/deploy-use/create-template - Updated for the additional information that you should not include a colon or semicolon in the template name or description. We've had reports that these characters can cause problems for some services. https://docs.microsoft.com/en-us/information-protection/rms-client/client-deployment-notes - Updated for support for Windows 10 and Windows Server 2016. The https://docs.microsoft.com/en-us/information-protection/rms-client/client-deployment-notes#rms-service-discovery section is also updated with additional information about how service discovery works for the cloud. Understanding how discovery works is particularly useful when you migrate from AD RMS to Azure Information Protection. https://docs.microsoft.com/en-us/information-protection/rms-client/info-protect-client - Updated the https://docs.microsoft.com/en-us/information-protection/rms-client/info-protect-client#to-verify-installation-connection-status-or-report-a-problem section for the latest release, which includes the new Run diagnostics option. https://docs.microsoft.com/en-us/information-protection/rms-client/client-version-release-history - New article that documents changes in new releases for the Azure Information Protection client since General Availability (GA). https://docs.microsoft.com/en-us/information-protection/rms-client/fci-script - Updated for the new -InPlace parameter as noted in this post's introduction, and updated the script version number for this change. https://docs.microsoft.com/en-us/information-protection/rms-client/sharing-app-admin-guide - Updated to clarify the section To install the RMS sharing application and Office add-in only : When you run the documented commands, the folder that you specify for the log file must already exist. If the folder does not already exist, the installation does not create it for you and the installation fails to complete. Because of the /quiet parameter, you do not see the message that the installer failed to run because it could not locate the folder or did not have write permissions to it. https://docs.microsoft.com/en-us/information-protection/rms-client/mobile-app-faq - New entry: https://docs.microsoft.com/en-us/information-protection/rms-client/mobile-app-faq#how-do-i-get-started-with-the-viewer-app End users will typically use the Azure Information Protection app automatically when they need to open a protected email or file. But if you are an admin who wants to test the app for your users, or simply want to try it out before you need it, these instructions step you through how to do that. These instructions will also be accessible from a new Get started link when you first open the app and haven't yet signed in.