Aug 09 2017
06:58 AM
- last edited on
May 24 2021
02:00 PM
by
TechCommunityAP
Aug 09 2017
06:58 AM
- last edited on
May 24 2021
02:00 PM
by
TechCommunityAP
If you can't currently sign out of the AIP client, what is the best way to unprotect a document with an administrative account using PowerShell? Will I have to log into the computer with an unlicensed account so that the AIP module prompts for credentials?
Aug 09 2017 11:18 AM
Have you checked the documentation here: https://docs.microsoft.com/en-us/information-protection/rms-client/client-admin-guide-powershell
The module can use both interactive and non-interactive login, depending on what your goal is. If you have a user with "super user" permissions, or enough permissions on the file, you can just run the Unprotect-RMSFile and provide the credentials when asked. Otherwise, follow the instructions in the above article.
Aug 09 2017 11:20 AM
Yes, I have seen that. The problem is that I don't get prompted for credentials. It is using the currently logged on user's credentials. I was wondering if I could use different credentials while still logged in with the licensed user (that doesn't have permission to unprotect the file).
Aug 09 2017 12:01 PM
Well, we dont have currently an option to sign out, you have to manually clear the token cache from registry (
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\MSIPC\pscmdlet\server_GUID) and the filesystem (%LocalAppData%\Microsoft\MSIPC\pscmdlet\Auth). Then you should be prompted for credentials.