Blog Post

Security, Compliance, and Identity Blog
3 MIN READ

General Availability of Adobe Acrobat Reader Integration with Microsoft Information Protection

Kartik Kanakasabesan's avatar
Dec 11, 2018

We would like to announce the general availability of Adobe Acrobat Reader integration with Microsoft Information Protection solutions – which we originally announced in September Your feedback during the development of this integration was both insight and useful.  You can download the new Adobe Acrobat Reader  that supports Microsoft Information Protection capabilities at the following location

 

 

 

Figure 1: Page to download the Adobe integration Plug-in

Installation instructions

Prior to downloading the latest Adobe Acrobat, please make sure that your labels are visible in the Security and Compliance center UI @ https://protection.office.com . If the labels are visible and are published by a label policy from the Security and Compliance center, the Adobe Integration will function.  

 

Note: The instructions on how to replicate your existing AIP labels to Security and Compliance center is at the following link

 

After you have validated the label being visible in the Security and Compliance center, please proceed to download your Adobe Acrobat Reader from the Adobe site. Once you have installed the Reader then please proceed to the link and download the integration plug-in for installation.  Please make sure that you close the Adobe Acrobat solution prior to installing the plug-in, otherwise it will not work. 

 

If have an older installation then please make sure to read the general terms of use and uninstall any old Reader and plug-in installation before installing the new reader and the plug-in.  The integration works with the 2019.010.20064 version of Acrobat Reader DC and Acrobat DC. Please do not use the plug-in with an earlier version of Acrobat.

 

After you have installed the plug-in, please try to label and protect a PDF document using the Azure Information Protection client and then open with Adobe Acrobat Reader that has the integration enabled. 

 

Organizations with restrictive install permissions within their tenant

In case you receive the following error as shown in Figure 2, when opening the secure PDF document with Adobe, It is due to the fact that the tenant administrator in your organization does not want users to authorize applications within your organizations tenant .  This is an additional security measure that your tenant administrator might have enabled .

 Figure 2: Admin Consent page that shows if you have not authorized the Adobe applications

 

In such cases, please have your tenant administrators consent to the Adobe Acrobat App-id which is as follows:

cad2910c-3b55-4610-ba7e-dda581063c91

 

Once the administrative consent happens, then you should be ready to consume protected PDF content via Adobe’s Acrobat Reader. If you would like to understand what consent flows are, please read the information at the following link:

 

https://techcommunity.microsoft.com/t5/Microsoft-Information-Protection/Consent-flows-for-applications-integrated-with-the-Microsoft/ba-p/301794

 

 

 

Viewing the label ribbon when PDF is labeled or labeled and protected

 

 To view the label ribbon in Acrobat reader interface please update or create the following registry entry on your computer

 

Computer\HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\MicrosoftAIP

Create a DWORD value name called : bShowDMB with a Hexadecimal value of 1 

 

 

 Figure 3: Label banner on a PDF

 

 

  That will allow the ability to view the label ribbon within the Acrobat interface

 

Issues in viewing labels with Adobe Reader

Even after making the changes in registry you are not seeing the labels. Then the issue could be the following:

  • Have your labels been replicated from the AIP portal to Security and Compliance center?
  • Have you published your labels to the users in your tenant from the Security and Compliance center?

If your answer is no, to the above questions, then you will not see the labels. The Adobe integration is enabled with Microsoft Information Protection and the policies for those labels comes the Security and Compliance center at https://protection.office.com

 

Please check if your AIP labels manifest within Security and Compliance center and if they are visible then please make sure that your labels are published.

 

If you have done the above steps please make sure that the registry entry for the label banner is done as Adobe\Acrobat Reader\DC and not under Adobe\DC

Computer\HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\MicrosoftAIP

And the value is a DWORD not a QWORD

 

 

We at both Adobe and Microsoft look forward to your engagement and feedback to improve the product experience.

 

 

Updated May 11, 2021
Version 33.0